Internal Audit Report - Cuyahoga County, Ohio
Internal Audit ReportCuyahoga County, OhioDepartment of Internal AuditingGeneral Operations AuditCuyahoga County Sheriff’s OfficeJanuary 1, 2011 – August 31, 2013Director of Internal Auditing: Cory A. Swaisgood, CPAStaff Auditors: Jeremy Hejnal, CIAKim Seeley, CPA, CIARelease Date: 06/02/2017
Audit Report HighlightsBackgroundThe Office’s mission as caretaker of thepublic's safety is dedicated tomaintaining the trust and respect ofthose served by resolutely andaggressively enforcing the law andcommitting to the efficient andeffective delivery of safety services. Asagents of the community, the Sheriffstrives to provide appropriate custodialcare along with programs that supportthe physical, spiritual and constitutionalneeds of individuals committed to theircustody. The Sheriff’s Office consists ofthe following departments to supportthe Office’s operations: Fiscal Civil Commissary IT Corrections Employee Relations Law Enforcement Motor Pool PayrollWhy This Audit Was DoneThe purpose of this audit was to reviewthe general operations of the Sheriff’sOffice. We were notified by the Sheriffand the Auditor of State ofreconciliation issues in the Civil Divisionof the Sheriff’s Office in 2013. Withapproval by the Sheriff at the time, wedecided to address other risks withinthe Office and review the Office’soperational procedures and financialcondition.123Sheriff’s Office – General Operations Audit July 2016201712Total Recoveries 604Total Cost Savings 25,175What We FoundWe performed audit procedures on the general operations of the Sheriff’s Office(Office) for the period January 1, 2011 through August 31, 2013. We found controlweaknesses, financial transaction discrepancies, and instances of non-complianceduring the audit. The following is a list of the most noteworthy issues we identified: We found the Office was not accurately and timely remitting 20% of forfeitedmonies and proceeds from the sale of forfeited property to the Prosecutor’sOffice in accordance with court orders. We determined the Office potentiallyowed the Prosecutor’s Office approximately 72,900 from court cases between2009 and 2013. Due to inconsistent data maintained by both offices, all partiesagreed on a middle number of 36,450. The Office issued a check to theProsecutor’s Office during the audit. Although the Office had a written internal control policy on the law enforcementdiscretionary funds, certain Ohio Revised Code (ORC) requirements were notincluded in the policy. The Office is required to have a written internal controlpolicy addressing ORC regulations on law enforcement discretionary funds. Thepolicy reviewed during the audit was outdated and lacked approval from theSheriff. We noted the Sheriff’s travel policy was not followed nor was it strictly enforcedfor purchases (reimbursement or credit card charges) made by law enforcementpersonnel for extraditions and duty-related travel. Expenses exceeded the perdiem amount in some cases, and supporting documentation was not maintainedin other cases. The Sheriff’s travel policy was not enforced on 10 extraditions orduty-related travel transactions out of 40 tested from 2011 to 2013. 175 waspaid in excess of travel policy limits for food/beverage/tolls. During review of buy-and-maintenance monies in the Sheriff’s Narcotics Unit,we noted discrepancies and control weaknesses in the way these funds werehandled. Buy money was used by the Office to conduct drug buys withconfidential informants. Maintenance money was used for extraditions andemergency supplies. The Office used monies from the Law Enforcement TrustFund (LETF) and Furtherance of Justice3 (FOJ) to fund buy-and-maintenanceactivity. We found that LETF and FOJ funds were comingled, resulting inerroneous deposits totaling 4,454 of FOJ money in the LETF bank account. Nominimum or maximum cash balances were established for buy-and-maintenancemoney.The total overpayments identified the County could potentially recover.The amount the County could save by implementing recommendations. Cost savings are a result of policy changes that could reduce expenses.LETF and FOJ funds are established by the ORC and can be used for law enforcement activities and expenses incurred by the Sheriff for official duties, respectively.
AuAudit Report HighlightsSheriff’s Office – General Operations Audit2017What We RecommendedWe made recommendations to theOffice focused on resolvingweaknesses noted above. We maderecommendations for proceduraland systematic changes in theOffice.These recommendations werecommunicated to the Office duringthe course of the audit. We noticedimprovements in the operations ofthe Office during the audit, asrecommendations were acceptedand implemented by the Office.Based on their responses webelieve corrective action has beenor will be taken to mitigate the riskswe identified during this audit. TheOffice has formed an agreementwith a company to develop formalwritten policies for the Office.Management responses areincluded at the end of eachrecommendation in the report. Wewill perform follow-up procedureswithin 12 months of the auditrelease date to confirm the findingswere addressed to mitigate risksidentified during the audit.July 20166 2017We made the following recommendations to improve the operations of the Sheriff’sOffice: In accordance with court orders, the Office should disburse 20% of forfeitedmonies and sale proceeds to the Prosecutor’s Office more frequently than oncea year, e.g. every deposit. In addition, the Office and Prosecutor's Office shouldimprove communication on forfeited monies and agree on and authorize a memoof understanding regarding the split in forfeited monies. The Office should revise their written internal control policy to comply with allapplicable ORC sections. Once drafted, the policy should be reviewed andapproved by the Sheriff and/or the Chief Community Safety and ProtectionOfficer. The Office should review and update the Sheriff’s current travel policy. Thepolicy should include procedures on how expense reports, credit card charges,receipts, and verification of per diem rates in the travel policy are reconciled bythe Fiscal Department. Consequences should be formalized for instances whenemployees exceed their established per diem rate. The policy should state thatan employee will not be reimbursed for any amounts over the per diem limit. Ifany employee charges over the per diem rate on the Office’s credit card, theOffice should be reimbursed for the excess amount within a defined period oftime (e.g. 30 days) or other corrective actions should be taken. The Office should develop a formal written policy and procedure manual on allLETF and FOJ buy-and-maintenance money. Internal controls recommended inthe audit report for this finding should be implemented, such as establishingmaximum and minimum balances in the buy-and-maintenance accounts. Inaddition, all monies in the buy-and-maintenance safe should be deposited intothe correct bank account (LETF or FOJ) in a timely manner when the logs areclosed out. The only money in the safe should consist of the current balance forbuy-and-maintenance money.
CUYAHOGA COUNTYDEPARTMENT OF INTERNAL AUDITINGINTERNAL AUDIT REPORTCuyahoga County Sheriff’s OfficeCover LetterJuly 8, 2016To: Sheriff Clifford Pinkneyand the current management of the Cuyahoga County Sheriff’s Office:The Department of Internal Auditing (DIA) has conducted an audit over the financial operationsand general accounting of the Cuyahoga County Sheriff’s Office (referred to within this report as“the Office”1), for the period of January 1, 2011 through August 31, 2013. The audit objectiveswere to determine whether: controls in place are adequate to safeguard assets from abuse,errors, and loss; revenue transactions and department funds are properly supported, recordedand deposited in their entirety in a timely manner and in accordance with all governing laws andregulations; and expenditures are properly approved and recorded.To accomplish our objectives, we focused on operational controls of the Office, the majorrevenue and expenditure cycles as well as specific compliance mandates. Interviews withmanagement and staff along with general walk-throughs of each revenue and expenditure cyclewere conducted in order to document the controls in place. In addition, substantive testingmethods utilized included analytical procedures, tests of detail using sampling methods as wellas confirmation of bank account balances.Our audit procedures disclosed internal control weaknesses relating to the Department’srevenue and expenditure cycles, asset safeguarding, and recordkeeping. Instances of noncompliance with Federal regulations, Ohio Revised Code requirements, and County policies werealso identified. This report provides the details of our findings.We conducted this performance audit in accordance with generally accepted governmentauditing standards. Those standards require that we plan and perform the audit to obtainsufficient, appropriate evidence to provide a reasonable basis for our findings and conclusionsbased on our audit objectives. We believe the evidence obtained provides a reasonable basis forour findings and conclusions.1For clarification, we will reference the Cuyahoga County Sheriff’s Office as “Office” within this report, and we willreference the Sheriff’s position as “Sheriff” within this report.Release Date: xx/xx/2017
The Department of Internal Auditing would like to express our appreciation to the staff of theOffice and interrelated departments that assisted throughout the process for their courtesy andcooperation during this audit. A draft report was provided to the Sheriff for comment and theirresponse is included.Respectfully,Cory A. Swaisgood, CPADirector of Internal AuditingCc:Audit CommitteeCuyahoga County CouncilSharon S. Jordan, Chief of StaffRobert Triozzi, Law DirectorFrank Bova, Chief Community Safety and Protection OfficerSheriff's Office – General OperationsPage 2 of 68
ContentsGlossary . 5Report Details . 6Purpose . 6Audit Objective . 6Scope . 6Methodology . 7Background . 7Commendable Practices . 8Non-Compliance Findings . 9Social Security Administration . 9County’s Schedule of Expenditures of Federal Awards . 10Prosecutor's Split of Forfeited Monies . 11Use of Proceeds from Sale of Forfeited Property . 13Written Internal Control Policy . 14Furtherance of Justice Bond . 17Inventory Reporting . 17Deposit of Public Monies - Warrants & Records. 18Records Retention Schedule . 19Internal Control Findings. 21Policy and Procedure Manual . 21Purchasing Procedures. 22Travel and Reimbursement Policy . 24Organizational Chart . 27Job Descriptions . 28Computer Controls . 29Directory Access . 30Cash and Physical Security . 31Payroll Analysis . 33Payroll FAMIS Reconciliation . 37Bank Reconciliations . 38Reconciling Revenues and Expenditures to FAMIS . 41Chargeback Monitoring. 42Internal Controls on Federal Programs . 46Task Forces and Federal Agreements . 48Contract and MOU Maintenance . 51Miscellaneous Revenue . 53Discretionary Funds Expenditure Approval . 55Buy/Maintenance Money . 56Inventory Control . 63Sheriff's Office – General OperationsPage 3 of 68
Firearm Storage. 66Impact Unit Evidence Control . 67Warrants & Records Identification Review . 67Sheriff's Office – General OperationsPage 4 of 68
GlossaryBEAST-Barcoded Evidence Analysis Statistical Tracking. An evidence managementsystem utilized by the Unit to track property and evidence within theProperty Rooms.Systems-The Sheriff’s Computer Information Technology DepartmentLETF-Law Enforcement Trust Fund. This fund must be established under OhioRevised Code (ORC) Section 2933.43 by each County Sheriff to receiveproceeds from the sale of forfeited property and contraband seized duringlaw enforcement activities. Funds may be used for law enforcementactivities and in accordance with ORC Section 2981.13.DLEF-Drug Law Enforcement Fund. Auditor of State Bulletins 86-16 and 87-18address the creation of a DLEF. These funds are from mandatory drug finesimposed pursuant to ORC Section 2925.03. These funds are required to bepaid into a fund to subsidize the County’s law enforcement efforts thatpertain to drug offenses.FESA-Federal Equitable Sharing Agreement. An account utilized by the Sheriff todeposit funds from federal cases, like fines, to use for law enforcementpurposes.FOJ-Furtherance of Justice Fund. This is funded from the County’s general fundnot to exceed one-half of the Sheriff’s annual salary at the beginning of thefiscal year as provided by ORC Section 325.071. These funds are used toprovide for expenses the Sheriff incurs in the performance of the Sheriff’sofficial duties and in the furtherance of justice.Sheriff's Office – General OperationsPage 5 of 68
Report DetailsPurposeThe purpose of this audit was to review the operations of the Sheriff’s Office (referred to withinthis report as “the Office”). The Department of Internal Audit (DIA) was notified by the Sheriffand the Auditor of State of reconciliation issues in the Civil Division of the Sheriff’s Office in 2013.DIA, with approval by the Sheriff, decided to address other risks within the Office and review theOffice’s operational procedures and financial condition.DIA evaluated processes for compliance with existing policies, laws, and professional standards.We performed substantive tests on financial transactions and reconciliations. The audit includedreview and evaluation of procedures, practices and controls as deemed necessary.Audit ObjectiveOur (DIA) main audit objectives include: Determine whether controls are in place, and if controls do exist, determine if they areadequate to effectively and efficiently achieve the County’s and the Office’s goals. Assets are safeguarded from abuse, errors, and loss. Revenue transactions are properly supported, recorded, and deposited in their entiretyin a timely manner and in accordance with all governing laws and regulations. Expenditures are properly approved, recorded, and in accordance with all governing lawsand regulations. Reporting information is timely accomplished, accurate and in accordance with allgoverning laws and regulations.ScopeTo accomplish our objectives, we focused on the operational controls of the Office, the majorrevenue and expenditure cycles, as well as specific compliance mandates during the period ofJanuary 1, 2011 through August 31, 2013. Interviews with management and staff along withgeneral walk-throughs of each revenue and expenditure cycle were conducted in order todocument the controls in place and their operation. In addition, substantive testing methods willinclude analytical procedures, test of details using sampling methods, as well as confirmation oftransactions and/or assets.Sheriff's Office – General OperationsPage 6 of 68
MethodologyIn order to accomplish the audit objectives DIA performed the following: Conducted interviews with management and staff. Conducted general walk-throughs of each operational unit within the Office. Witnessed and documented procedures and controls in place. Observed procedures in place for receipts and expenditures. Conducted substantive and controls tests on the revenue and expenditure cycles. Conducted compliance tests on local, state, and federal regulations. Reviewed and substantively tested bank reconciliations for accuracy. Sent third party confirmations to verify bank balances and receivables.BackgroundThe Office’s mission as caretaker of the public's safety is dedicated to maintaining the trust andrespect of those served by resolutely and aggressively enforcing the law and committing to theefficient and effective delivery of safety services. As agents of the community, the Sheriff strivesto provide appropriate custodial care along with programs that support the physical, spiritual andconstitutional needs of individuals committed to their custody. Further, every effort will be madeto assist the inmates in their custody to understand and take responsibility for their involvementin the justice system.The Office consists of the following divisions: Fiscal Civil Commissary Computer Information Technology Corrections Employee Relations Law Enforcement Motor Pool Payroll Personnel/Human Resources (Transferred under County Executive as of report date)Our audit procedures disclosed internal control weaknesses relating to the Office’s cashcollection process, revenue cycle, furlough program, asset safeguarding, recordkeeping, andreporting. Non-compliance with federal regulations and the Ohio Revised Code as well asCuyahoga County Policies was also identified. This report provides the details of our findings. Thefindings are grouped into two categories: noncompliance findings begin on page 9 and internalcontrol findings begin on page 21. If a finding fits into both categories, DIA labeled it as anoncompliance finding. The most significant findings are: Prosecutor’s Split of Forfeited Monies(page 11); Written Internal Control Policy (page 14); Travel and Reimbursement Policy (page24); Chargeback Monitoring; (page 42); and Buy/Maintenance Money (page 56).Sheriff's Office – General OperationsPage 7 of 68
Commendable PracticesThe Office’s personnel should be commended for the work performed before, during, and afterthe audit. DIA noticed improvements in the operations throughout the audit as ourrecommendations were accepted and implemented quickly by the Office. DIA would like to thankthe Sheriff and his administrative staff for their help and cooperation.While findings discussed in this report may not, individually, or in the aggregate, significantlyimpair operations of the Office, they do present issues that, if addressed, may result in increasedefficiency and/or reduction of risks.Sheriff's Office – General OperationsPage 8 of 68
Non-Compliance FindingsSocial Security AdministrationThe Personal Responsibility and Work Opportunity Act of 1996 section 203 provides guidance tolocal institutions on reporting inmates receiving social security benefits to the Social SecurityAdministration (SSA). This section states, in part:The institution shall provide to the Commissioner, on a monthly basis and in amanner specified by the Commissioner, the names, social security account numbers,dates of birth, and confinement commencement dates. The Commissioner shall payto any such institution, with respect to each inmate of the institution who is eligiblefor a benefit under this title for the month preceding the first month throughoutwhich such inmate is in such institution and becomes ineligible for such benefit as aresult of the application of this subparagraph, 400 within 30 days after the datesuch individual becomes an inmate of such institution, or 200 if the institutionfurnishes such information after 30 days after such date but within 90 days aftersuch date.Systems is responsible for submitting these reports to SSA on a monthly basis. Upon receipt, SSAfunds are recorded into the Office's general fund. DIA noted the Office lacks effective controls toassure the funds requested from SSA were accurately recorded in the County's financial system(FAMIS). The report submitted by Systems is not compared to the receipt posted in FAMIS. InMarch of 2012 the Office received a payment of 22,186 from SSA. Per Systems support, thepayment should have been 22,400 for 56 inmates.DIA also noted the SSA funds recorded in the Office’s general fund are not appropriated duringthe year. As a result, all SSA funds received are transferred into the County's general fund at yearend. DIA contacted SSA and was informed there are no restrictions on the use of the incentivefunds. The agency of confinement (Sheriff's Office) may use the funds for any reason. During theaudit period (1/1/11-8/31/13) the Office received 856,186.23 in payments from SSA; none ofwhich was appropriated and used by the Office.The law states the confining institution is to receive the money. There is no restriction placedupon the institution on what they may do with the money once it is received. Without a formalpolicy on how SSA funds should be budgeted, the Office continues to lose much needed revenue.RecommendationDIA recommends the Office appropriate a portion, if not all, of the SSA receipts in theOffice's annual budget.Sheriff's Office – General OperationsPage 9 of 68
We also recommend that Systems provide a copy of the submitted report to the Office's FiscalDepartment on a monthly basis. The Fiscal Department should agree the amount received by SSAwith FAMIS.Management's ResponseWhen these revenues are received they are deposited into index code SH350579 subobject1015. These funds are not appropriated. The Chief Community Safety and Protection Officerand Sheriff previously had discussions with the Office of Budget & Management (OBM) to getthese funds appropriated in the Sheriff’s budget, however, that has never come to fruition.OBM’s response is as follows; “The Cuyahoga County Sheriff’s Department (CCSD) currently hasa 100M general fund budget, which includes the SSA funding source”. The Business ServicesManager has not seen anything which shows the breakout of the SSA funds as part of the CCSDappropriated budget.In 2016, the Chief Community Safety and Protection Officer, the Sheriff, and Business ServicesManager had several conversations with the OBM regarding this matter. Currently we have noplans to revisit this subject.County’s Schedule of Expenditures of Federal AwardsAccording to the Federal Office of Management and Budget’s (OMB) Circular No. A-133, “Theauditee (County) shall prepare a Schedule of Expenditures of Federal Awards (SEFA) for theperiod covered by the auditee's financial statements. The schedule shall list individual Federalprograms by Federal agency.” A federal program is defined as: All Federal awards to a non-Federal entity assigned a single number in the Catalog ofFederal Domestic Assistance (CFDA). When no CFDA number is assigned, all Federal awards from the same agency made forthe same purpose should be combined and considered one program. A cluster program, which means a grouping of closely related programs that sharecommon compliance requirements. The types of clusters of programs are research anddevelopment, student financial aid, and other clusters as defined by OMB in thecompliance supplement or as designated by a State for Federal awards the State providesto its subrecipients that meet the definition of a cluster of programs.The Office is in charge of monitoring over 1.5 million of federal grants awarded to the Office onan annual basis. Having effective monitoring and key controls in place is crucial to the Office'sdaily operations. Without the appropriate controls in place, the Office is at risk ofmisappropriating funds and/or noncompliance with federal and state laws. Furthermore, theOffice could lose future funding for grants if not properly monitored.DIA compared all federal funds, noted by the Office, to the County’s 2014 SEFA, as audited by theAuditor of State. The Northern Border Initiative grant and United States Marshals Service FederalInmates funds were not included on the County’s SEFA in the 2014 Auditor of the State’s audit.Sheriff's Office – General OperationsPage 10 of 68
The CFDA could not be identified for either grant but should still be included on the list sent tothe Fiscal Office.The County’s Fiscal Office (Fiscal Office) or Sheriff's Office does not have adequate policies andprocedures in place to assure OMB Circular A-133 is followed. No formal review is performed ofall federal funds sent to the Fiscal Office to be included on the County’s SEFA. The County is atrisk of underreporting their federal expenditures and not meeting Federal Single Auditrequirements.RecommendationDIA recommends the Fiscal Office and Sheriff's Office develop adequate policies and procedureson reporting federal programs. The policies and procedures should list necessary procedures thatneed to be completed prior to submitting a schedule of federal awards to the Auditor of theState’s Office. On an annual basis, the Fiscal Office should send notification to each Countyagency with the definition of a federal award. The Fiscal Office should request the agency providea list of all federal funds and they should review these lists to assure all federal programs areincluded on the County’s SEFA. If uncertainty exists, the Sheriff’s Office or Fiscal Office shouldconfirm with the grantor agencies whether the funds should be considered federal funds underOMB Circular No. A-133.Management's ResponsePreviously the County’s Fiscal Office has sent a spreadsheet with a list of federal funds/grantsfor the Sheriff’s Department to review. The Sheriff’s Department already tracks all grantfunds/federal funds and can provide the information upon request. The CCSD grant coordinatorkeeps meticulous records of all grant reporting and management, which is always availableupon requests.W
maximum and minimum balances in the buy-and-maintenance accounts. In addition, all monies in the buy-and-maintenance safe should be deposited into the correct bank account (LETF or FOJ) in a timely manner when the logs are closed out. The only money in the safe should consist of the current balance for buy-and-maintenance money.
CHAPTER 12 Internal Audit Charters and Building the Internal Audit Function 273 12.1 Establishing an Internal Audit Function 274 12.2 Audit Charter: Audit Committee and Management Authority 274 12.3 Building the Internal Audit Staff 275 (a) Role of the CAE 277 (b) Internal Audit Management Responsibilities 278 (c) Internal Audit Staff .
INTERNAL AUDIT Example –Internal audit report [Short Client Name] Internal Audit Report Rev. [Rev Number] STEP ONE: Audit Plan Process to Audit (Audit Scope): Audit Date(s): Lead Auditor: Audit #: Auditor(s): Site(s) to Audit: Applicable Clauses of [ISO 9001 or AS9100] S
GTAG Global Technology Audit Guides HoA Head of Agency HoIA Head of Internal Audit IA Internal Audit / Internal Auditor IA-CM Internal Audit Capability Model IAS Internal Audit Service . Audit, the Code of Ethics for Internal Auditors and the Auditing Standards. The only way
AUDIT OF DEKALB COUNTY DATA CENTER PHYSICAL SECURITY AUDIT REPORT NO. 2018-007-IT John Greene Chief Audit Executive FINAL REPORT What We Did In accordance with the Office of Independent Internal Audit's (OIIA) Annual Audit Plan, we conducted a performance audit of the DeKalb County Data Center Physical Security.
Cuyahoga 000318 Menlo Park Academy September 30 Community School Cuyahoga 012030 Near West Intergenerational School September 30 Community School Cuyahoga 008278 Noble Academy-Cleveland September 30 Community School Cuyahoga 019220 North Shore High Schoo
The University of Texas MD Anderson Cancer Center Internal Audit Annual Report for FY2022 . Page . 1. of . 22. Table of Contents . I. Compliance with Texas Government Code, Section 2102.015: Posting the Internal Audit Plan, Internal Audit Annual Report, and Other Audit information on Internet Website II. Internal Audit Plan for Fiscal Year 2022
audit committee and internal audit is fundamental to internal audit's success. 1.2. Securing the appropriate resources for internal audit to meet expectations In many organisations, the audit committee is responsible for approving the internal audit budget, and this approval is typically based on management's recommendation.
An internal audit must be planned in advance and a schedule created for each internal audit process. The Management Meetings can be used to plan the audit and to record the results of each internal audit process. When planning the internal audit, consideration to following criteria shall be included when planning an internal audit:
