Florida Department of Corrections
Michael D. Crews, Secretary
|
FDC Inspector
General Annual Report 2011-12 |
Bureau of Internal Audit
Mission
The mission of the Bureau of Internal Audit is to support the Secretary and the Department by ensuring that:
- Goals are met.
- Resources are used consistent with laws, regulations, and policies.
- Resources are safeguarded against waste, loss, and misuse.
- Reliable data is obtained, maintained, and fully disclosed.
Goals
The Bureau of Internal Audit’s primary purpose is to proactively assist management in successfully meeting the Department's mission and protecting its resources. To that end, the Bureau of Internal Audit has four key goals:
- Perform quality audits, reviews, studies, and investigations;
- Report results to management in a timely manner;
- Ensure Department resources are used efficiently; and
- Provide adequate audit/review coverage to mitigate risks.
Bureau Organization and Responsibilities
The Bureau of Internal Audit comprises three sections: (1) Audit, (2) Information Technology and (3) Contract Review. These sections report to the Bureau Chief, a Certified Internal Auditor who functions as the Director of Auditing. The Bureau of Internal Audit conducts compliance, performance, and information technology audits and contract reviews pursuant to section 20.055, Florida Statutes. Audits are conducted in accordance with the current International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Audits involving information technology (IT) are also conducted in accordance with Information Systems Auditing Standards as published by the Information Systems Audit and Control Association (ISACA).
The internal audit staff possesses accounting and auditing experience, as well as information technology auditing and forensic experience. Staff members are required to maintain professional proficiency through continuing education and training. Staff are active in professional associations, including the National Association of Inspectors General, the IIA, ISACA, Infraguard, the American Institute of Certified Public Accountants, and the Association of Government Accountants.
During this reporting period, the Bureau of Internal Audit participated in two enterprise audits and one survey initiated by the Office of the Chief Inspector General. The Bureau of Internal Audit also assisted the Bureau of Investigations in multiple ongoing investigations.
A Risk Based Program
To ensure the Bureau of Internal Audit provides adequate coverage of its responsibilities and provides adequate support to management, the Bureau of Internal Audit conducts a comprehensive annual risk assessment of all Department activities.
The risk assessment helps ensure the OIG remains responsive to management issues and concerns and ensures those activities judged to have the greatest risk are scheduled for review. The results of this risk assessment drive the annual audit plan which is submitted to the Inspector General and the Secretary for approval, and is used to guide the audit and review activities of the Bureau of Internal Audit during the next fiscal year.
Compliance/Performance Audit Section
This section employs an audit supervisor and five auditors. Staff includes two Certified Government Audit Professionals (CGAP) and a Certified Public Accountant (CPA).
Information Technology Audit Section
This audit section employs a Certified Information Systems Auditor (CISA), who is also a Certified Security Manager (CISM) and a Certified Government Audit Professional (CGAP). This section conducts information technology audits and reviews and provides technical and analytical support for audits, contract reviews, and investigations.
Audits Completed by Compliance/Performance/IT
During Fiscal Year 2011-12, the Compliance/Performance Audit and Information Technology Audit sections completed five audits, two follow-up audits, and seven reviews. The compliance, performance, information technology audit reports, reviews, and surveys, as well as those reports required by the Office of the Chief Inspector General and the Agency for Enterprise Information Technology, are listed by issue date:
| FY 2011-12 Audit Reports and Reviews | ||
| Report Number | Project Title | Report Issue Date |
|---|---|---|
| A11011 | Acquisition of Contractual Services Audit | 7/15/2011 |
| R12005 | Calhoun Correctional Institution Employee Benefit Trust Fund Review | 9/12/2011 |
| R12007 | Review of Big Bend All Stars Bank Account | 9/20/2011 |
| A12010F | Follow-up of Auditor General's Report #2011-167 (State of Florida – Compliance and Internal Controls over Financial Reporting) | 9/29/2011 |
| R12009 | Review of Lowell Reception Center Bus Barn and 2nd Bachelor Office Quarters. | 10/13/2011 |
| A11016 | Audit of Phoenix Houses of Florida, Inc. – Contract #C2626 | 12/13/2011 |
| R12020 | Transition House, Inc. – COPS Payments | 12/19/2011 |
| R12019 | Review of Nurse Time Records | 4/4/2012 |
| R12044 | Review of AEIT Risk Assessment | 4/16/2012 |
| A12015F | Follow-up to Enterprise Audit of Organizational Ethics | 4/23/2012 |
| A11015 | Department of Corrections Recycling Program | 4/24/2012 |
| A12017 | Enterprise Audit of Contract Monitoring | 4/25/2012 |
| R11017 | Review of Department of Corrections Fleet | 4/27/2012 |
| A12040 | Employee Benefit Trust Fund Audit – Jackson Correctional Institution | 6/22/2012 |
| Source: Bureau of Internal Audit | ||
Contract Management Review Section
The Contract Management Review (CMR) Section employs an audit supervisor and three auditors. Staff includes a Certified Internal Auditor (CIA) and a Certified Inspector General Auditor (CIGA).
In Fiscal Year 2011-12, the CMR section completed four reviews. These included reviews on contracts and vendors providing equipment maintenance, victim notification services, and meals to Gadsden county jail inmates.
No findings were reported in the review of the Gadsden County Jail meal program, a program in which the Department provides meals to assist a local county jail. Other reviews indicated weaknesses in monitoring.
The CMR unit was instrumental in assisting the Office of Community Corrections in formalizing a contract amendment that provided approximately $330,000 in cost savings to the Department.
CMR projects completed in Fiscal Year 2011-12 are listed below:
| FY 2011-12 CMR Reports and Reviews | ||
| Report Number | Project Title | Report Issue Date |
|---|---|---|
| CMR11009 | Appriss, Inc. | 11/30/2011 |
| CMR11010 | Ring Power Systems | 4/24/2012 |
| CMR12002 | Pantropic | 6/20/2012 |
| CMR12004 | Gadsden County Jail Meals | 6/21/2012 |
| Source: Bureau of Internal Audit | ||
Selected Bureau Reports with System-Wide Impact
The Bureau of Internal Audit views its audit/contract review mandate as an opportunity to not only identify site specific deficiencies and problems with a statewide impact, but also to identify areas that are well designed and are meeting management's goals. Reports with statewide impact conducted by the Bureau of Internal Audit in Fiscal Year 2011-12 included:
Audit of Department of Corrections Recycling Program
Overall, the Department’s Recycling Initiative has been implemented throughout the Department. This is evident through the volume of recyclable materials that were disposed of during fiscal year ending June 30, 2011. Some internal controls have been established to ensure the recycling operation is being performed in accordance with applicable authority, including Florida Statutes, Florida Administrative Code, and Department Procedures 203.013, Recycling Proceeds, and 604.603, Recycling Initiative.
Some of the control points of the program include the completion of necessary forms by the appropriate signing authority, and transmission of proceeds from the sale of recyclable materials sent directly to the Department’s Bureau of Finance and Accounting.
However, the following weaknesses warranting management’s attention were identified:
|
Finding 1: |
Gulf States (C2534) and Newark (C2536) were deducting monies from the Department’s recycling proceeds that are not prescribed in the contracts. |
|
Finding 2: |
The monitoring of the contracts was insufficient to allow for proper management. |
|
Finding 3: |
Gulf States had not furnished the Department with written verification of insurance coverage. |
Enterprise Audit of Contract Monitoring
Overall, we found the policies and procedures governing contract management in compliance with state laws, rules, and other regulatory requirements. We also recognized best practices the Department employs in regards to contract management. Specifically, we found the Department’s Contract Advisories and the Contract Manager User Guide to be enhancements to the Department’s policies and procedures. However, we identified two issues warranting management’s attention in order to improve the effectiveness of contract management and to be in compliance with applicable guidelines:
|
Finding 1: |
The Bureau of Procurement and Supply had not recently provided contract manager training as required by DC Procedure 205.013, Contract Management and Monitoring. |
|
Finding 2: |
In addition, not all of the Department’s contract managers had received contract manager training by the Department of Financial Services as required by Chief Financial Officer Memorandum No. 4 (09-10) and Chapter 287.057(14), Florida Statutes. |
Jeffery T. Beasley
Inspector General
David Folsom
Deputy Inspector General
Ken Sumpter
Chief of Investigations
Paul Strickland
Chief of Internal Audit
Florida Department of Corrections
Office of Inspector General
501 South Calhoun Street
Tallahassee, Florida 32399-2500
(850) 488-9265
|
FDC Inspector
General Annual Report 2011-12 |
