Hero Panel

Office of Internal Audit Services

  • Office of Internal Audit Services

    The Office of Internal Audit Services (OIAS) is responsible for providing internal audit services to the executive branch departments of Michigan state government.  They provide objective, independent assurance and consulting activities that are designed to add value and improve the State of Michigan's operations.

What We Do panel

2018 Accomplishments

Michigan Security Accreditation Program (MiSAP)

  • Michigan Security Accreditation Program (MiSAP)

    OIAS worked with state departments to implement leading pratices to remediate information technology (IT) control deficiencies within the state's IT processes and systems.  These leading practices helped support the state's cybersecurity and related control objectives.

Internal Control Evaluation (ICE) Program

  • Internal Control (ICE) Program

    OIAS led a coprehensive reengineering of the state's ICE practices, including identifying leading practices in private and public sector organizations.  The goal of the improved ICE process was to create greater enterprise risk management capability through identification of key processes, risks and controls, ann aligning evaluation results with key departmental outcomes and strategies.

Top-Down Risk Assessment

  • Top-Down Risk Assessment

    OIAS introducted the new Top Down Risk Assessment (TDRA), one of the essential first steps in the ICE process.  TDRA enables a department's senior executive team to identify its most significant risks so that management can prioritize its risk mitigation activities and ICE efforts accordingly.

Remediating Material Weaknesses

  • Remediating Material Weaknesses

    OIAS worked with departments to remediate internal control deficiencies, leading to the remediation of 56 material weaknesses during FY18.  The remediation of material weaknesses has been one of OIAS' most important priorities.

Independent Review of OIAS

  • Independent Review of OIAS

    Pricewaterhouse Coopers noted in its January 2018 External Quality Assessment (EQA) that OIAS generally conforms (the highest rating available) with 10 of the 11 Institute of Internal Auditors standards, in comparison to 10 of the 11 standards for the 2012 assessment.  OIAS was also recognized as consistently implementing several attributes of excellence in the profession of Internal Auditing.

Flint Integrity Oversight Monitoring

  • Flint Integrity Oversight Monitoring

    OIAS was an important contributor to the City of Flint recovery efforts.  OIAS performed a proactive review of state and city activities to ensure prevention and detection of fraud, waste, and abuse related to funds dedicated to the remediation program.  As of June 2018, 62 percent of all expenditures related to the Flint Water Emergency were subject to audit by the Office of the Auditor General, and no instances of malfeasance, waste, or abuse were identified.

Rick Lowe Wins Internal Auditor of the Year

Rick Lowe Wins Internal Auditor of the Year

  • State Chief Internal Auditor, Rick Lowe, Wins Internal Auditor of the Year Award

    Rick Lowe with Office of Internal Audit Services (OIAS) Team Members

    (Pictured Left to Right: Paul Jacokes, John Juarez, Rhoda Henderson-Fields, Rick Lowe, Sherri Washabaugh, Fran Thelen, Kevin Vennard)


    We would like to congratulate Rick Lowe, Chief Internal Auditor for winning the 2019 Internal Auditor of the Year Award. The honor was awarded by the Institute of Internal Auditors (IIA) earlier this March at their spring conference. The award recognizes leadership, exceptional achievement in business or a significant contribution to the internal audit community, including a desire to work with others to foster lifelong learning.

    Rick has nearly 30 years of experience in various leadership roles in the areas of audit, internal control and risk management.  He has worked with all State of Michigan executive branch departments to improve internal audit, risks management and internal control practices to improve the State’s enterprise risk management capabilities.