Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Fiscal Year 2014 Internal Audit Annual Report

advertisement 
FISCAL YEAR 2014
INTERNAL AUDIT ANNUAL
REPORT
Andrew S. Groover, M.Ed., CPA, CIA, CICA, CISA, CFE
Director of Internal Audits
October 28, 2014
TEXAS WOMAN’S UNIVERSITY
OFFICE OF INTERNAL AUDITS
TEXAS WOMAN'S UNIVERSITY
MEMBERS OF THE BOARD OF REGENTS
Sue Schrier Bancroft, Chair and Presiding Officer
Mary Pincoffs Wilson, Vice Chair and Assistant Presiding Officer
Lola Chriss
Anna Maria Farias, Esq.
Debbie Gibson
Ann Scanlon McGinity, Ph.D.
Nancy Painter Paup
George R. Schrader
Melissa D. Tonn, M.D.
Candace Henslee (Student Regent)
OFFICERS OF THE UNIVERSITY
Carine Feyten, Ph.D., Chancellor and President
Robert Neely, Ph.D., Provost and Vice President for Academic Affairs
Brenda Floyd, Ed.D., Vice President for Finance & Administration
Monica Mendez-Grant, Ed.D., Vice President for Student Life
Gary Ray, M.Ed., Vice President for Enrollment Services
OFFICE OF INTERNAL AUDITS
Andrew S. Groover, M.Ed., CPA, CIA, CICA, CISA, CFE
Director of Internal Audits
TEXAS WOMAN’S UNIVERSITY
OFFICE OF INTERNAL AUDITS
TABLE OF CONTENTS
I.
Compliance with House Bill 16: Posting the Internal Audit Plan, Internal Audit
Annual Report, and Other Audit information on Internet Web site ................... 1-9
II.
Planned Work Related to the Proportionality of Higher Education Benefits ............ 9
III.
Internal Audit Plan for Fiscal Year 2014 ............................................................. 9-10
IV.
Consulting Services and Non-Audit Services Completed...................................... 10
V.
External Quality Assurance Review ................................................................. 10-14
VI.
Internal Audit Plan for Fiscal Year 2015 ........................................................... 15-16
VII. External Audit Services Procured in Fiscal Year 2014 .......................................... 16
VIII. Reporting Suspected Fraud and Abuse ................................................................ 17
October 28, 2014
Members of the Board of Regents, Texas Woman's University
Dr. Carine Feyten, Chancellor and President, Texas Woman's University
Ms. Kate McGrath, Governor’s Office of Budget, Planning, and Policy
Mr. Ed Osner, Legislative Budget Board
Internal Audit Coordinator, State Auditor’s Office
Mr. Ken Levine, Sunset Advisory Commission
A report on the activity of Texas Woman's University's Office of Internal Audits for fiscal
year 2014 follows. This report fulfills the requirements of Texas Government Code
(Texas Internal Auditing Act), Sections 2102.009 and 2102.0091. The report provides
information on the audit plan, audits completed, external quality assurance review, and
other internal auditing activities.
For further information about the contents of this report, please contact our Office at
940-898-3260 or by email at agroover@twu.edu.
Andrew S. Groover, M.Ed., CPA, CIA, CICA, CISA, CFE
Director of Internal Audits
Internal Audit Annual Report for Fiscal Year 2014
I.
Compliance with House Bill 16: Posting the Internal Audit Plan, Internal
Audit Annual Report, and Other Audit information on Internet Web site
The Office of Internal Audits has posted the Fiscal Year 2015 approved audit plan and
the Fiscal Year 2014 Internal Audit Annual Report on the Office of Internal Audits website
- http://www.twu.edu/internal-audits/. The following provides a detailed summary of
deficiencies related to the Fiscal Year 2014 Audit Plan and the current implementation
status of the recommendations.
Audit
Number
14-01
Audit Name
Investments
Audit
Report
Date
12/17/2013
Follow-up
Audit Report
Date*
8/18/2014
Recommendation(s)
Status
1. Compliance with
Section 2256.003 (b) of
the PFIA should be
improved.
I
2. Compliance with
Section 2256.005 (b)
(3) of the PFIA should
be improved.
I
3. The Annual Tracking
Report for Investment
Reporting by Higher
Education Institutions
should be submitted to
the State Auditor's
Office by December 31
each year in
compliance the
requirements of the
State Auditor’s Office.
I
4. Management should
ensure that question
#2 (as required by the
State Auditor’s Office)
is updated to include
whether or not the
University uses
directed brokerage or
directed commission,
commission recapture,
or similar
arrangements.
I
Page 1
Comments
Follow-up
completed.
Responsible
Party
Dr. Brenda
Floyd
Kelly
McCullar
Internal Audit Annual Report for Fiscal Year 2014
1. Compliance with
Code of Federal
Regulations (CFR)
Title 45 section 46.115
- IRB Records should
be improved.
14-02
Institutional
Review Board
1/22/2014
7/9/2014
I
Dr. Robert
Neely
Dr. Jennifer
Martin
2. Consent forms
should meet the
minimum standards
required by the Guide
to Writing a Consent
Form.
I
3. Management should
consider backing up
IRB documents in an
electronic format.
S
Follow-up
completed.
Dr.
Chandad
Prasad
Tracy
Lindsay
1. Management should
improve compliance
with section 7 A of the
Aramark contract
related to mandatory
ID photo badging and
background checks
conducted by TWU's
Department of Public
Safety.
14-03
Contracted
Services
5/6/2014
2. Management should
improve compliance
with section 11 of the
Aramark contract
related to Licenses,
Permits, and Taxes.
3. The Aramark
contract should
specifically include a
requirement that
Aramark provide
evidence to TWU that
Aramark employees
have taken and passed
the ServSafe Food
Handler Program
within their first week of
employment.
Page 2
Follow-up
in
progress.
Dr. Monica
MendezGrant
Beth Lewis
Internal Audit Annual Report for Fiscal Year 2014
1. Management should
comply with TWU’s
Discretionary Funds
Guidelines or expand
the Guidelines to
include additional
expenditure categories.
14-04
Discretionary
Funds
2/24/2014
8/27/2014
2. Management should
annually review the
utilization of
Discretionary Funds to
make budget
adjustments where
necessary.
Management should
also consider
implementing a
maximum carryover
percentage to allow
flexibility, but also to
ensure carryover
amounts are minimal in
relation to budgeted
amounts.
S
Dr. Brenda
Floyd
Follow-up
completed.
Pam Wilson
Vanna Parr
I
1. The OFA should
improve the feedback
process by providing
an automated
feedback mechanism
on the OFA website.
14-05
Financial Aid
4/24/2014
2. The OFA should
periodically review
access listings to web
based applications to
ensure that access is
appropriate.
3. Management should
comply with TWU
Policy 3.30 - Staff
Employee
Performance
Management and
Evaluations.
Page 3
Follow-up
in
progress.
Gary Ray
Governor
Jackson
Internal Audit Annual Report for Fiscal Year 2014
4. Compliance with
Code of Federal
Regulations (CFR)
Title 34 section
668.43(a)(11)(ii) –
Institutional
Information, section
668.41(c)(2)(ii) –
Reporting and
Disclosure of
Information, and
section 668.42(c)(3) –
Financial Assistance
Information should be
improved.
5. The OFA should
work with the Office of
Technology to improve
the Colleague access
listing by providing a
detail description of the
functions of the
mnemonics specific to
Financial Aid as well as
deactivating
mnemonics that are no
longer being utilized.
6. The OFA should
work with Human
Resources to develop
a solution to reduce
employee turnover and
improve retention.
7. The OFA should
comply with TWU
Policy 3.45 - Training
and Development.
14-06
Department of
Communication
Sciences and
Disorders
6/23/2014
1. The SpeechLanguage & Hearing
Clinic should ensure
that all client files
contain the required
clinic forms.
Page 4
Estimated
follow-up
start date January
2015.
Dr. Robert
Neely
Dr. Gay
James
Internal Audit Annual Report for Fiscal Year 2014
2. Communication
Sciences and
Disorders should
comply with the TWU
Cash Receipts Policy.
3. Management should
develop a process to
ensure former
employees
assignments are
terminated timely.
4. Management should
develop a process to
ensure that access to
Anatomy.TV is
terminated when
students graduate or
are no longer in the
program.
5. Communication
Sciences and
Disorders should
comply with the
minimum syllabi
requirements.
6. Management should
consider backing up
client files in an
electronic format.
7. Communication
Sciences and
Disorders should
ensure all hyperlinks
and information on the
website are kept
current.
8. Management should
comply with TWU
Policy 3.45 – Training
and Development.
9. Management should
comply with TWU
Policy 9.09 Authentication.
Page 5
Dr. Erika
Armstrong
Internal Audit Annual Report for Fiscal Year 2014
10. Data should be
backed up on the
network drive to ensure
continuity. Also, the
Department of
Communication
Sciences and
Disorders network
drive access listing
should be periodically
reviewed to ensure
appropriate access.
11. Management
should formalize the
reconciliation process
for Communication
Sciences and
Disorders budget
accounts.
12. Clinic fees
assessed should agree
to the SpeechLanguage & Hearing
Clinic Fee Appeal
Notice approved by the
Dean of Health
Sciences. Also, all
discounts offered to
clients should be
documented and
approved by the Dean
of Health Sciences.
1. Conference Services
should ensure that
Release Forms are
obtained from persons
who agree to be
included in marketing
materials.
14-07
Conference
Services
6/9/2014
2. Conference Services
should ensure all
information on the
website is current.
Also, Conference
Services should work
with the Office of
Technology to
implement online
Page 6
Estimated
follow-up
start date December
2014.
Dr. Monica
MendezGrant
David
Sweeten
Internal Audit Annual Report for Fiscal Year 2014
reservation forms.
3. Management should
comply with TWU
Policy 7.01 – Access
Key Control.
4. Conference Services
should comply with the
TWU Cash Receipts
Policy and the TWU
Credit Card
Acceptance and
Security Policy.
1. Client Services
should ensure swipe
card access listings
are periodically
reviewed to ensure
appropriate access.
2. Client Services
should comply with
TWU Policy 9.01 Computer & Software
Acceptable Use.
14-09
Client Services
7/14/2014
3. Client Services
should comply with the
TWU Policy 3.45 –
Training and
Development.
4. The Client Services
network drive access
listing should be
periodically reviewed to
ensure appropriate
access.
5. Client Services
should ensure
hyperlinks and
information on the
website is kept current.
6. Client Services
should comply with
TWU Policy 7.01 –
Access Key Control.
Page 7
Estimated
follow-up
start date January
2015
Dr. Robert
Neely
Robert
Placido
Dennis
Hoebee
Internal Audit Annual Report for Fiscal Year 2014
7. Client Services
should ensure that
New Equipment
Sheets are completed
properly and
maintained or
discontinue use of the
form.
14-10
Family
Educational
Rights and
Privacy Act
(FERPA)
8/22/2014
1. Management should
mandate that FERPA
training be completed
by all faculty members
including adjunct
faculty.
Estimated
follow-up
start date February
2015
Gary Ray
Robert
Lothringer
1. Management should
comply with the TWU
Cash Receipts Policy.
2. Management should
ensure that data is
backed up on the
network drive to ensure
continuity.
14-11
Printing and
Mailing
Services
9/11/2014
3. Management should
comply with TWU
Policy 3.45 – Training
and Development.
4. Management should
comply with TWU
Policy 3.30 - Staff
Employee
Performance
Management and
Evaluations.
5. Management should
formalize the
reconciliation process
for Printing and Mailing
Services budget
accounts.
Page 8
Estimated
follow-up
start date March
2015
Dr. Brenda
Floyd
Pam Wilson
Carrie
Gartman
Internal Audit Annual Report for Fiscal Year 2014
6. Management should
recycle, sell or dispose
of equipment,
machinery and
supplies that are
obsolete or not being
utilized.
7. Management should
comply with the TWU
Procurement Card
Guidelines.
8. Management should
comply with TWU
Policy 7.01 – Access
Key Control.
I - Implemented - Recommendation is implemented and in place.
S- Substantially Implemented - Recommendation is near completion with most aspects in
place.
P - Partially Implemented - Recommendation is in the initial stages with some aspects in
place.
N - Not Implemented - No action taken by management.
II.
Planned Work Related to the Proportionality of Higher Education Benefits
An audit of Benefits Paid Proportional By Fund has been conducted and is currently in the
draft report stage.
III.
Internal Audit Plan for Fiscal Year 2014
Report
Number
14-01
14-02
14-03
14-04
14-05
Report
Date
12/17/2013
1/22/2014
5/6/2014
2/24/2014
4/24/2014
14-06
6/23/2014
14-07
6/9/2014
14-08
N/A
14-09
14-10
14-11
7/14/2014
8/22/2014
9/11/2014
14-12
N/A
Report Title
Complete
Investments
Institutional Review Board
Contracted Services
Discretionary Funds
Financial Aid
Department of Communication Sciences and
Disorders
Conference Services
PCI/DSS (Payment Card Industry/Data Security
Standard)
Client Services
FERPA
Printing & Mailing Services
Benefits Paid Proportional By Fund
Page 9
Y
Y
Y
Y
Y
Y
Y
Draft Report
Stage
Y
Y
Y
Draft Report
Stage
Internal Audit Annual Report for Fiscal Year 2014
The following are deviations from the FY 2014 audit plan.
Life Safety Code – This audit was not conducted as there were recent prior reviews and
re-inspections conducted by the State Fire Marshall.
Tuition and Fees – Not completed due to time constraints and turnover in the Bursar’s
Office. This audit will be included on the FY 2015 audit plan.
Information Technology Governance – Development and implementation of the new IT
Governance structure and policy was not completed until June 2014. Now that the
structure and policy are in place, the audit will be completed as part of the FY 2015
audit plan.
Benefits Paid Proportional By Fund – Added to the FY 2014 audit plan per directive
from Governor Rick Perry.
IV.
Consulting Services and Non-audit Services Completed
No consulting services or non-audit services were performed or completed during
fiscal year 2014.
V.
External Quality Assurance Review (Peer Review)
SEE PAGES BELOW
Page 10
Internal Audit Annual Report for Fiscal Year 2014
Page 11
Internal Audit Annual Report for Fiscal Year 2014
Page 12
Internal Audit Annual Report for Fiscal Year 2014
Page 13
Internal Audit Annual Report for Fiscal Year 2014
Page 14
Internal Audit Annual Report for Fiscal Year 2014
VI.
Internal Audit Plan for Fiscal Year 2015
The fiscal year 2015 audit plan was prepared using risk assessment techniques that
identify the individual audits to be conducted during the year. The risk factors included:
- Years since last audit
- Statutory Requirements/Government
Regulations
- Loss/Litigation potential
- Materiality/Size
- Cost savings/Revenue potential
- Prior recommendations
- Multiple campus locations
- Complexity/Changes/Technology
- Visibility/Public Image
- Other concerns
The audits were chosen from high, medium and low risk areas, with greater emphasis
given to the higher risk areas. This allows for broad audit coverage of campus areas,
while concentrating on areas of higher risk. As a result, the following 13 areas were
chosen for audit and approved by the TWU Board of Regents on August 15, 2014.
Assistant
Director Director Auditor I
30
325
0
300
5
0
30
0
350
30
325
0
30
300
0
300
5
0
300
5
0
20
200
0
25
0
250
20
200
0
25
0
250
10
0
150
25
0
250
Audit
Colleague
Information Technology Governance
Research Grants
Tuition and Fees
Texas Adminitrative Code 202
Clery Act
College of Nursing
Institutional Research and Data Management
Fitness & Recreation
Marketing & Communication
Graduate School
JAMP (Joint Admissions Medical Program).
Intercultural Services
Annual internal audit report
Internal quality assurance
Follow-up audits
Investment Reports Review
Special Projects
Administrative
Professional Development
Holidays
Vacation
Sick Leave
TOTAL
Page 15
Total
355
305
380
355
330
305
305
220
275
220
275
160
275
1145
1365
1250
3760
40
120
150
5
120
100
40
128
132
100
0
5
150
0
120
40
40
128
132
100
0
5
150
35
120
156
40
128
96
100
40
130
450
40
360
296
120
384
360
300
935
715
830
2480
2080
2080
2080
6240
Internal Audit Annual Report for Fiscal Year 2014
There are no audits in the Fiscal Year 2015 Audit Plan that relate to proportionality of
benefits. This audit was commenced during Fiscal Year 2014 and is currently in the
draft report stage.
The audit of Texas Administrative Code 202 is included in the Fiscal Year 2015 Audit
Plan above.
Risk areas ranked as “high” but not scheduled to be audited during fiscal year 2015.

























VII.
Property and Surplus
Oracle – Human Resources module
Cash & Cash Receipts
Construction
Oracle – Financial module
Teaching & Learning with Technology
Athletics
Environmental Safety & Health
Travel
Bonds
Public Safety (Police)
Procurement Cards
Red Flags Rule (FTC)
Time and Effort Reporting
Vehicles
PCI/DSS
Building Maintenance
Scholarships
Accounts Receivable
Admissions
Admissions Processing
Payroll
Purchasing/Cash Disbursements/Accounts Payable
Telecommunications
Lab Safety
External Audit Services Procured in Fiscal Year 2014
No external audit services were procured during fiscal year 2014.
Page 16
Internal Audit Annual Report for Fiscal Year 2014
VIII.
Reporting Suspected Fraud and Abuse
Actions taken to implement the requirements of:
Fraud Reporting. Article IX, Section 7.09. Fraud Reporting, General Appropriations
Act (83rd Legislature, Conference Committee Report).

TWU has placed a link on the TWU homepage that states “Report Fraud,
Waste, or Abuse in Texas”. This link takes the user directly to the State
Auditor’s Office webpage for reporting fraud, waste, and abuse. The Office of
Internal Audits has also paced the same link on its webpage.

TWU has also incorporated into its “Fraud and Fraudulent Activities” policy
information on how to report suspected fraud involving state funds to the
State Auditor’s Office. This information includes a link to the State Auditor’s
Office website http://sao.fraud.state.tx.us.
Texas Government Code, Section 321.022, Coordination of Investigations.

TWU has procedures incorporated into its “Fraud and Fraudulent Activities”
policy to ensure that the State Auditor’s Office is notified of any fraud, waste,
or abuse of state funds received by the University.
Page 17
Download
advertisement