FISCAL YEAR 2015
INTERNAL AUDIT ANNUAL
REPORT
Andrew S. Groover, M.Ed., CPA, CIA, CICA, CISA, CFE
Director of Internal Audits
October 23, 2015
TEXAS WOMAN’S UNIVERSITY
OFFICE OF INTERNAL AUDITS
TEXAS WOMAN'S UNIVERSITY
MEMBERS OF THE BOARD OF REGENTS
Mary Pincoffs Wilson, Chair and Presiding Officer
Anna Maria Farias, Esq., Vice Chair and Assistant Presiding Officer
Debbie Gibson
Vic Lattimore
Ann Scanlon McGinity, Ph.D.
Nancy Painter Paup
Nolan E. Perez, M.D.
George R. Schrader
Melissa D. Tonn, M.D.
Neftali Gomez (Student Regent)
CHANCELLOR AND PRESIDENT
Dr. Carine Feyten, Ph.D.
OFFICE OF INTERNAL AUDITS
Andrew S. Groover, M.Ed., CPA, CIA, CICA, CISA, CFE
Director of Internal Audits
Roy Mak, CIA, CISA, CICA
Assistant Director of Internal Audits
Maria D. Marroquin, CFE
Staff Auditor
TEXAS WOMAN’S UNIVERSITY
OFFICE OF INTERNAL AUDITS
TABLE OF CONTENTS
I.
Compliance with Texas Government Code, Section 2102.015: Posting the Internal
Audit Plan, Internal Audit Annual Report, and Other Audit Information on
Internet Web site .............................................................................................. 1-7
II.
Compliance with the Benefits Proportionality Audit Requirements for Higher
Education Institutions ....................................................................................... 7-8
III.
Internal Audit Plan for Fiscal Year 2015 .................................................................. 8
IV.
Consulting Services and Non-Audit Services Completed........................................ 8
V.
External Quality Assurance Review ................................................................... 8-12
VI.
Internal Audit Plan for Fiscal Year 2016 ........................................................... 13-14
VII. External Audit Services Procured in Fiscal Year 2015 .......................................... 14
VIII. Reporting Suspected Fraud and Abuse ................................................................ 15
October 23, 2015
Members of the Board of Regents, Texas Woman's University
Dr. Carine Feyten, Chancellor and President, Texas Woman's University
Kara Belew, Governor’s Office of Budget, Planning, and Policy
Ed Osner, Legislative Budget Board
Internal Audit Coordinator, State Auditor’s Office
Ken Levine, Sunset Advisory Commission
A report on the activity of Texas Woman's University's Office of Internal Audits for fiscal
year 2015 follows. This report fulfills the requirements of Texas Government Code
(Texas Internal Auditing Act), Sections 2102.009 and 2102.0091. The report provides
information on the audit plan, audits completed, external quality assurance review, and
other internal auditing activities.
For further information about the contents of this report, please contact our Office at
940-898-3260 or by email at agroover@twu.edu.
Andrew S. Groover, M.Ed., CPA, CIA, CICA, CISA, CFE
Director of Internal Audits
Internal Audit Annual Report for Fiscal Year 2015
I. Compliance with Texas Government Code, Section 2102.015: Posting the
Internal Audit Plan, Internal Audit Annual Report, and Other Audit Information
on Internet Web site
The Office of Internal Audits has posted the Fiscal Year 2016 approved audit plan and
the Fiscal Year 2015 Internal Audit Annual Report on the Office of Internal Audits website
http://www.twu.edu/internal-audits/. The following provides a detailed summary of
deficiencies related to the Fiscal Year 2015 Audit Plan and the current implementation
status of the recommendations. Quarterly updates can be obtained by reviewing the
quarterly Finance and Audit Committee agenda at
http://www.twu.edu/regents/broadcast.asp. Details are located within the agendas under
report item “Quarterly Status Report of the Office of Internal Audits”.
Audit
Number
15-01
15-02
Audit Name
JAMP (Joint
Admissions Medical
Program)
Institutional Research
and Data Management
Audit
Report
Date
Follow-up
Audit
Report
Date*
9/22/2014
N/A
12/5/2014
7/13/2015
Recommendation(s)
NONE
1. IRDM should
provide a feedback
mechanism for data
requesters to
determine
satisfaction levels.
2. Compliance with
TWU Policy 3.30 Staff Employee
Performance
Management and
Evaluations should
be improved.
3. Compliance with
TWU Policy 3.45 –
Training and
Development should
be improved.
4. IRDM should
ensure that job
descriptions are
reviewed and
updated as
prescribed by Human
Resources.
5. IRDM should
ensure that the
official TWU
academic degree
inventory agree with
Page 1
Status
Comments
N/A
Responsible Party
N/A
I
S
Dr. Robert Neely
I
Follow-up
audit
completed.
Dr. Michael Stankey
Dr. Mark Hamner
S
I
Internal Audit Annual Report for Fiscal Year 2015
the degree inventory
listed in the Texas
Higher Education
Coordinating Board
website.
1. The IT Strategic
Plan should be
enhanced to include
specific actions and
measurable
performance metrics.
15-03
15-04
Information Technology
Governance
Fitness and Recreation
1/15/2015
1/28/2015
8/27/2015
9/23/2015
Follow-up
audit
completed.
N
1. Management
should ensure that
Release Forms are
obtained from all
persons who agree to
be included in
marketing materials.
2. Management
should revise the
current application for
student employment
to exclude questions
related to citizenship
status.
3. Compliance with
TWU’s Procurement
Card Guidelines
should be improved.
4. Compliance with
the TWU Cash
Receipts Policy and
the TWU Credit Card
Acceptance and
Security Policy
Page 2
The Office
of
Technology
is currently
awaiting
the
completion
of the TWU
Strategic
Plan to
ensure that
the
updated
Office of
Technology
Strategic
Plan is
properly
aligned.
Once the
TWU
Strategic
Plan is
completed
in the Fall
of 2016,
the Office
of
Technology
Strategic
Plan will be
updated.
Dr. Robert Neely
Dr. Robert Placido
I
Dr. Monica MendezGrant
I
I
S
Follow-up
audit
complete.
Dr. Heather Speed
Michelle Reeves
Karrie Fletcher
Internal Audit Annual Report for Fiscal Year 2015
should be improved.
5. Compliance with
TWU Policy 2.28 Procedures for
Student Travel & OffCampus Activities
should be improved.
6. Management
should work with DPS
to ensure the
functionality of the
panic button at the
front desk of the
Fitness and
Recreation center.
7. Management
should work with
Property Control to
ensure all capital and
controlled assets are
properly tagged.
Also, management
should ensure
Property Transfer
forms are completed
when capital or
controlled assets are
transferred to another
department.
8. Compliance with
TWU Policy 3.45 –
Training and
Development should
be improved.
9. Management
should ensure that
swipe card access
listings are
periodically reviewed
to ensure appropriate
access.
10. Management
should change the
combination to the
safe when there is
turnover in positions
that require entry to
the safe.
11. Management
should formalize the
reconciliation process
for Fitness and
Recreation budget
accounts.
12. Management
should ensure that
job descriptions are
reviewed and
updated as
prescribed by Human
Resources.
13. Compliance with
TWU Policy 7.01 –
Access Key Control
should be improved.
Page 3
I
I
I
S
I
I
I
I
I
Internal Audit Annual Report for Fiscal Year 2015
15-05
15-06
15-07
Clery Act
Research Grants
Marketing and
Communication
3/24/2015
3/26/2015
5/7/2015
10/8/2015
N/A
14. Access to the
TWU Fitness and
Recreation Twitter
account should be
immediately revoked
when employees with
access are
terminated.
1. Management
should publicize its
emergency response
and evacuation
procedures in
conjunction with at
least one test per
calendar year to
enhance compliance
with 34 CFR 668.46
(g) (6) (ii).
NONE
1. Management
should ensure that
Release Forms are
obtained from all
persons who agree to
be included in
marketing materials.
Also, management
should develop and
communicate
guidelines for the
University related to
the process and
requirements for
Release Forms.
2. Management
should formalize the
reconciliation process
for Marketing and
Communication
budget accounts.
3. Management
should comply with
TWU Policy 3.30 –
Staff Employee
Performance
Management and
Evaluations.
4. Data should be
backed up on the
network drive to
ensure continuity.
5. Access to TWU
Marketing and
Communication web
based applications
should be periodically
reviewed to ensure
appropriate access.
Page 4
I
I
Follow-up
completed.
N/A
B.J. Crain
Elizabeth Pauley
N/A
Estimated
follow-up
audit start
date –
December
2015
Cindy Pollard
Amanda Simpson
Yolanda Franklin
Internal Audit Annual Report for Fiscal Year 2015
6. Management
should ensure that
job descriptions are
reviewed and
updated as
prescribed by Human
Resources.
7. Management
should comply with
TWU Policy 7.01 –
Access Key Control.
15-09
College of Nursing
7/16/2015
8. Management
should develop a
process to ensure
former employees
assignments are
terminated timely.
9. Management
should comply with
TWU’s Procurement
Card Guidelines.
10. Management
should ensure all
hyperlinks and
information on the
website are kept
current.
1. Compliance with
the TWU Cash
Receipts Policy
should be improved.
2. Compliance with
TWU’s Procurement
Card Guidelines
should be improved.
3. Compliance with
TWU Policy 3.45 –
Training and
Development should
be improved.
4. Swipe card access
listings should be
periodically reviewed
to ensure appropriate
access.
5. The reconciliation
process for College of
Nursing budget
accounts should be
formalized.
6. Job descriptions
should be reviewed
and updated as
prescribed by Human
Resources.
7. Compliance with
TWU Policy 7.01 –
Access Key Control
should be improved.
8. Access to Group
One and SurScan
accounts should be
immediately revoked
when employees with
access are
Page 5
Estimated
follow-up
audit start
date –
January
2016
Dr. Robert Neely
Dr. Anita Hufft
Internal Audit Annual Report for Fiscal Year 2015
15-10
15-11
Graduate School
Tuition and Fees
6/12/2015
9/18/2015
terminated.
9. All hyperlinks and
information on the
website should be
kept current.
10.Compliance with
TWU Policy 9.09 –
Authentication should
be improved.
11.Data should be
backed up on the
network drive to
ensure continuity.
Also, the College of
Nursing network drive
access listing should
be periodically
reviewed to ensure
appropriate access.
12.Compliance with
TWU Policy 2.17 Centers or Institute Policy & Guidelines
should be improved.
13.Compliance with
the requirements for
Faculty Annual
Performance Review
as stated in the
Faculty Handbook
should be improved.
14.Compliance with
TWU Policy 3.30 –
Staff Employee
Performance
Management and
Evaluations should
be improved.
1. Compliance with
the TWU Cash
Receipts Policy
should be improved.
2. Job descriptions
should be reviewed
and updated as
prescribed by Human
Resources.
3. All hyperlinks and
information on the
website should be
kept current.
4. The Graduate
School network drive
access listing should
be periodically
reviewed to ensure
appropriate access.
1. Management
should ensure that
access to the tuition
and fees rate tables
in Colleague is
appropriate.
2. Management
should ensure that
access to modify
Page 6
Estimated
follow-up
audit start
date –
December
2015
Dr. Robert Neely
Dr. Larry LeFlore
B.J. Crain
Estimated
follow-up
audit start
date –
March 2016
Pam Wilson
Carolyn Whitlock
Glen Ray
Annie Philips
Internal Audit Annual Report for Fiscal Year 2015
tuition exemptions in
Colleague is
appropriate.
3. Compliance with
Texas Education
Code section 54.501
– Laboratory Fees
related to Lab Fees
for Biology should be
improved. Also, the
Lab Fees Instruction
Kinesiology account
should be corrected.
4. Compliance with
Texas Education
Code 54, section
54.5132 –
International
Education Fee should
be improved.
I - Implemented - Recommendation is implemented and in place.
S- Substantially Implemented - Recommendation is near completion with most aspects in
place.
P - Partially Implemented - Recommendation is in the initial stages with some aspects in
place.
N - Not Implemented - No action taken by management.
II. Compliance with the Benefits Proportionality Audit Requirements for Higher
Education Institutions
In compliance with Rider 8, page III-39, General Appropriations Act (84th Legislature,
Conference Committee Report), the Office of Internal Audits will conduct and complete an
audit of Benefits Paid Proportional By Fund by August 31, 2016. We will utilize the
methodology approved by the State Auditors’ Office which is as follows:
1. Ensuring that (a) payments for benefits that are paid from appropriated funds are
made proportionately from the same source as the related salaries and (b)
salaries paid from General Revenue funds are related to positions authorized for
General Revenue funds.
2. Reviewing salary expense transfers and refunds of expenditure transactions to
verify that, if the higher education institution reduced salary expenditures from
General Revenue, it also made a corresponding reduction in benefit
expenditures from General Revenue.
3. Disclosing in the audit report (a) the aggregate dollar amount of all instances of
noncompliance with the proportionality requirements identified during the audit,
regardless of materiality, and (b) the status of any resulting reimbursement
payments to the Comptroller of Public Accounts.
As required by the State Auditors’ Office, we will include in the audit report a statement
certifying that the audit incorporated the methodology prescribed by the SAO.
Page 7
Internal Audit Annual Report for Fiscal Year 2015
In response to Governor Perry’s letter dated May 29, 2014 requesting that internal
auditors for higher education institutions conduct work to determine whether
“proportionality is being applied according to the established guidelines”, the Office of
Internal Audits conducted an audit of Benefits Paid Proportional By Fund (Report #1410, dated November 14, 2014). The audit scope covered fiscal years 2011, 2012, and
2013. The Office of Internal Audits certifies that the work performed included the
above State Auditors Office approved methodology for all three fiscal years.
III. Internal Audit Plan for Fiscal Year 2015
Report
Number
15-01
15-02
15-03
15-04
15-05
15-06
15-07
15-08
15-09
15-10
15-11
15-12
Report Date
9/22/2014
12/5/2014
1/15/2015
1/28/2015
3/24/15
3/26/2015
5/8/2015
9/9/2015
7/16/2015
6/12/2015
9/18/2015
N/A
Report Title
Complete
JAMP (Joint Admissions Medical Program)
Institutional Research and Data Management
Information Technology Governance
Fitness and Recreation
Clery Act
Research Grants
Marketing and Communication
Texas Administrative Code 202 (TAC 202)
College of Nursing
Graduate School
Tuition and Fees
Career Services
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Draft Report
Stage
The following are deviations from the FY 2015 audit plan.
Colleague – Not completed due to time constraints. This area is included in FY 2016 audit
plan.
Intercultural Services – Not completed due to the restructure of the area. The area was
renamed Diversity, Inclusion, and Outreach and includes International Education and the Terry
Scholar Program. Diversity, Inclusion, and Outreach is included in the FY 2016 audit plan.
Career Services – Audit conducted in place of Intercultural Services.
IV. Consulting Services and Non-audit Services Completed
No consulting services or non-audit services were performed or completed during
fiscal year 2015.
V. External Quality Assurance Review (Peer Review)
SEE PAGES BELOW
Page 8
Internal Audit Annual Report for Fiscal Year 2015
Page 9
Internal Audit Annual Report for Fiscal Year 2015
Page 10
Internal Audit Annual Report for Fiscal Year 2015
Page 11
Internal Audit Annual Report for Fiscal Year 2015
Page 12
Internal Audit Annual Report for Fiscal Year 2015
VI. Internal Audit Plan for Fiscal Year 2016
The fiscal year 2016 audit plan was prepared using risk assessment techniques that
identify the individual audits to be conducted during the year. The risk factors included:
- Years since last audit
- Statutory Requirements/Government
Regulations
- Loss/Litigation potential
- Materiality/Size
- Cost savings/Revenue potential
- Prior recommendations
- Multiple campus locations
- Complexity/Changes/Technology
- Visibility/Public Image
- Other concerns
The audits were chosen from high, medium and low risk areas, with greater emphasis
given to the higher risk areas. This allows for broad audit coverage of campus areas,
while concentrating on areas of higher risk. As a result, the following 13 areas were
chosen for audit and approved by the TWU Board of Regents on August 14, 2015.
Assistant
Director Director
50
325
45
0
150
0
40
0
45
300
45
300
40
0
40
0
300
10
40
250
35
225
35
0
200
10
Audit
Colleague
Property & Surplus
Benefits Paid Proportional By Fund
Ethics Program
Investments (Public Funds Investment Act)
Scholarships
Academic College, School or Department
Diversity, Inclusion, and Outreach
Office of Student Life
Office of Academic Affairs and Provost
Office of Enrollment Services
Budget Office
Facilities Development Projects
Annual internal audit report
Internal quality assurance
Follow-up audits
Investment Reports Review
Special Projects
Administrative
Professional Development
Holidays
Vacation
Sick Leave
TOTAL
Page 13
Staff
Auditor
0
300
150
250
0
0
250
250
0
0
0
225
0
Total
375
345
300
290
345
345
290
290
310
290
260
260
210
1065
1420
1425
3910
40
150
150
5
100
162
40
112
156
100
0
5
125
0
100
46
40
112
132
100
0
5
125
35
100
30
40
112
108
100
40
160
400
40
300
238
120
336
396
300
1015
660
655
2330
2080
2080
2080
6240
Internal Audit Annual Report for Fiscal Year 2015
Risk areas ranked as “high” but not scheduled to be audited during fiscal year 2016.




























Cash & Cash Receipts
Oracle – Human Resources module
Environmental Safety & Health
Oracle – Financial module
Athletics
Procurement Cards
Red Flags Rule (FTC)
Travel
Bonds
Construction
Payroll
PCI/DSS
Public Safety (Police)
Purchasing/Cash Disbursements/Accounts Payable
Telecommunications
TAC 202
Accounts Receivable
Admissions
Admissions Processing
Automotive Services
Building Maintenance
Financial Aid
Information Technology Governance
Lab Safety
Multihazard Emergency Operations Plan Safety and Security
Research Grants
Student Health Services
Teaching & Learning with Technology
There are no audits in the Fiscal Year 2016 Audit Plan that address expenditure
transfers, capital budget controls, or any other limitation or restriction in the General
Appropriations Act. There are also no audits in the Fiscal Year 2016 Audit Plan that
address contract management and other requirements of Senate Bill 20 (84th
Legislature). We will consider these in future audit plans. However, we do plan on
including the contract management requirement of Senate Bill 20 in the Fiscal Year
2017 Audit Plan.
Texas Administrative Code 202 was audited as part of the Fiscal Year 2015 Audit Plan.
Routine audits of Texas Administrative Code 202 will be conducted as required by
statute.
VII. External Audit Services Procured in Fiscal Year 2015
No external audit services were procured during fiscal year 2015.
Page 14
Internal Audit Annual Report for Fiscal Year 2015
VIII. Reporting Suspected Fraud and Abuse
Actions taken to implement the requirements of:
Fraud Reporting. Article IX, Section 7.09, page IX-37. Fraud Reporting, General
Appropriations Act (84th Legislature, Conference Committee Report).

TWU has placed a link on the TWU homepage that states “Report Fraud,
Waste, or Abuse in Texas”. This link takes the user directly to the State
Auditor’s Office webpage for reporting fraud, waste, and abuse. The Office of
Internal Audits has also paced the same link on its webpage.

TWU has also incorporated into its “Fraud and Fraudulent Activities” policy
information on how to report suspected fraud involving state funds to the
State Auditor’s Office. This information includes a link to the State Auditor’s
Office website http://sao.fraud.state.tx.us.
Texas Government Code, Section 321.022, Coordination of Investigations.

TWU has procedures incorporated into its “Fraud and Fraudulent Activities”
policy to ensure that the State Auditor’s Office is notified of any fraud, waste,
or abuse of state funds received by the University.
Page 15