Audit Annual Plan

Evaluate the adequacy and effectiveness of controls implemented in research labs to ensure compliance with federal and state requirements as well as the Campus Chemical Hygiene Plan. This audit will include an evaluation of biosafety practices.

Evaluate the adequacy and effectiveness of controls implemented to ensure compliance with regulatory requirements related to foreign collaborations, foreign support including financial interests and donations, and foreign talent programs.

Evaluate the adequacy and effectiveness of controls implemented over the Campus Equity, Diversity, and Inclusion Program.

Evaluate the adequacy and effectiveness of controls implemented to ensure research projects that are subject to export control regulations comply with recordkeeping, reporting, and security requirements.

Evaluate the adequacy and effectiveness of controls implemented as part of the Campus Respiratory Protection Program to ensure compliance with Federal and state requirements.

Evaluate the adequacy and effectiveness of controls implemented as part of the Campus Lockout/Tagout and Machine Guarding Programs to ensure compliance with Federal and state requirements.

Evaluate the adequacy and effectiveness of IT security controls implemented by the Engineering and Applied Science Academic Division as part of Campus' program for managing cybersecurity including prevention of potential ransomware attacks.

Perform penetration and vulnerability tests to evaluate the adequacy and effectiveness of controls over selected Campus websites. We will use Canaudit, Inc. to perform these tests.

Evaluate controls implemented within the Building Management System to ensure appropriate logical access and authorized actions. This may include penetration and vulnerability tests by Canaudit, Inc.

Evaluate the adequacy and effectiveness of controls implemented to ensure operations in the facility comply with laws, regulations, and internal policies.

Evaluate whether FY22 gross operating income is fairly stated in The Athenaeum FY2022 Summary P&L Statement. We will also evaluate the adequacy and effectiveness of IT controls as appropriate.

Evaluate the adequacy and effectiveness of controls over the cost estimation processes to ensure compliance with the Prime Contract and internal requirements.

Evaluate the adequacy and effectiveness of controls implemented to ensure appropriate response in the event of a disaster, including the resumption of critical business, to ensure compliance with federal, state, Prime Contract, and other internal requirements.

Evaluate the adequacy and effectiveness of controls implemented to ensure hazardous materials tracking, storage, recordkeeping, and reporting comply with federal, state, Prime Contract, and other internal requirements.

Evaluate the adequacy and effectiveness of controls implemented in research labs to ensure compliance with federal, state, Prime Contract, and other internal requirements.

Evaluate the adequacy and effectiveness of controls implemented over the affiliate onboarding and offboarding processes including compliance with vaccination mandate.

Evaluate the adequacy and effectiveness of controls implemented to ensure foreign collaborations comply with laws and regulations.

Evaluate the adequacy and effectiveness of processes and procedures implemented to grant internal and external users' access to JPL's Flight Mission Network.

Perform penetration and vulnerability tests to evaluate the adequacy and effectiveness of controls over JPL's Oracle database and applications. We will use Canaudit, Inc. to perform these tests.

Evaluate the adequacy and effectiveness of controls implemented to ensure JPL user's logical access is reviewed and updated, if required, when there is a change in job position.

Evaluate the adequacy and effectiveness of the EVM processes for a selected project to ensure compliance with Prime Contract requirement and internal requirements.

Evaluate the adequacy and effectiveness of controls implemented over the management of selected pressure vessel systems to ensure compliance with laws, regulations, and Prime Contract and internal requirements.