WILLIAM G. HOLLAND Iles Park Plaza |
SYNOPSIS
|
ENVIRONMENTAL PROTECTION AGENCY
FINANCIAL AND COMPLIANCE AUDIT
(In Accordance with the Single Audit Act of 1984 and OMB Circular
A-128)
For The Two Years Ended June 30, 1996
EXPENDITURE STATISTICS | FY 1996 |
FY 1995 |
FY 1994 |
|
$238,484,424 $136,507,504 $37,540,160
$41,561,799 $49,266,384 $101,976,920 $24,964,403 |
$279,767,046 $171,706,960 $39,300,170
$32,603,334 $91,158,590 $108,060,086 $24,980,008 |
$299,701,683 $162,388,089 $33,735,489
$15,764,647 $107,064,897 $137,313,594 $24,653,791 |
SELECTED ACTIVITY MEASURES | FY 1996 |
FY 1995 |
FY 1994 |
|
2,800 4,530 |
2,929 4,560 |
3,015 5,914 |
AGENCY DIRECTOR(S) | |||
During Audit Period: Mary
Gade Currently: Mary Gade |
Per diems exceeded allowable rates
Airline tickets not used
Purpose of travel not properly stated
Equipment items not located
Internal control weaknesses |
FINDINGS,
CONCLUSIONS, AND INADEQUATE REVIEW OF EMPLOYEE TRAVEL VOUCHERS The Agency's procedures over the review and approval of travel expenditures were not sufficient to ensure that travel expense reimbursements were in compliance with the Travel Regulations. We noted the following: Agency employees claimed per diems ranging from $35 per day to $114 per day for out-of-country travel based on published federal rates. These rates exceeded the maximum allowable per diems established in the State Travel Regulations. State Regulations do not provide rates for meal per diems specifically for out-of-country travel. We could find no documentation that Agency employees requested exceptions to the maximum allowable rates, for travel "outside the State of Illinois" prior to the travel. Employees were reimbursed for incorrect per diem or meal allowances. In some instances, errors by employees in the preparation of their travel vouchers resulted in underpayment of allowable per diems. In other instances, travel vouchers included claims for full per diems when only partial per diems were allowable. We also found out-of-state per diems were claimed for in-state travel and per diems were not reduced when meals were provided by the conference sponsors. An employee reported the use of only half of a round trip airplane ticket that had been direct billed and paid by the Agency. The employee stated he lost the return trip ticket but did not report the loss to the Agency so that a refund could be requested. The Agency did not match the employee's travel voucher to the direct bill invoice voucher. As a result, the Agency paid for a ticket that was not used. The Travel Regulations require the reporting of direct billed expenses on travel vouchers. At least 6 unused, valid airline tickets remained attached to travel vouchers. In all instances, the tickets had been charged to the Agency's credit card. After discovery during the audit, the tickets were returned to the travel agent for credit. Travel vouchers did not always include the purpose of travel as required. On some vouchers the purpose stated on the travel voucher did not agree with the supporting documentation. (Finding 1, page 9) We recommended the Agency establish effective controls over travel and require more effective review and approval of travel vouchers prior to reimbursement. We also recommended the Agency collect any overpayments previously made to staff. The Agency responded that it accepted our recommendation and described specific steps it would take to improve its controls over travel expenses. INADEQUATE PROCEDURES TO ENSURE PROPERTY RECORDS WERE COMPLETE AND ACCURATE The Agency had inadequate procedures to ensure all property transactions were properly reflected in the property reports, and the reports were not filed on a timely basis. A total of 80 equipment items were tested to verify the item was at the location noted in the property listing. Eleven items costing $6,364 could not be located, and seven items costing $8,416 were found at a location other than the location noted in the property listing. These eighteen items were various pieces of office furniture and office equipment. A total of 25 equipment items were tested to verify that removal of the item from the property listing was adequately supported by documentation. Three items costing $13,598 were deleted from the property listing without supporting documentation. The deficiencies noted above were the result of inadequate enforcement of State Property Act provisions and CUSAS procedures. The lack of adequate internal controls has resulted in misstatements in the Agency's property records. Also, inaccurate recordkeeping increases the risk that equipment could be lost or stolen due to lack of accountability. As of June 30, 1996 and 1995, the Agency had equipment totaling $24,964,403 and $24,980,008, respectively. (Finding 5, page 17) We recommended the Agency strengthen controls over property as required by the State Property Control Act by improving the reconciliation process, ensuring quarterly reports are prepared on a timely basis, developing adequate procedures for the transfer of equipment to ensure proper reporting of its location and implementing other controls over deletions/dispositions of equipment. The Agency responded that it accepted our recommendation and noted that a work group has been formed to develop improved procedures and controls over IEPA property. The Agency further noted most of the group's recommendations have already been implemented. COMPUTER SECURITY DEFICIENCIES The Agency had not effectively or consistently secured all of its computer systems. A review of the Agency's computer security adminis-tration procedures revealed the following significant weaknesses:
These weaknesses can result in unauthorized access and misuse of the Agency's information systems. (Finding 9, page 22) We recommended the Agency formally issue its Data Security Standards and Procedures Manual, and perform a detailed review of its existing minicomputer's security features and implement changes necessary to comply with Agency security policies for other systems. We also recommended that a formal on-going computer security awareness program should be developed, and that the Agency's utilization of mainframe security software should be reviewed and revised as needed to ensure users have appropriate access capabilities to Agency information. The Agency responded that it accepted and partially implemented our recommendations. The Agency also stated that it has either taken or will take the following corrective actions:
OTHER FINDINGS The remaining findings and recommendations are less significant and have been given attention by the Agency. We will review progress towards the implementation of our recommendations during the Agency's next audit. The responses to our findings and recommendations were provided by Mary Gade, Director. AUDITORS' OPINION Our auditors state the June 30, 1996 and June 30, 1995 combined financial statements of the Agency are fairly presented.
WGH:JTD:pp SPECIAL ASSISTANT AUDITORS Our special assistant auditors were Sikich Gardner & Co, LLP. |