Office of Enterprise Technology
Internal Control and Compliance Audit
Financial Audit Division Report 09-35
Released November 13, 2009
Except for equipment, the Office of Enterprise Technology generally had adequate internal controls to ensure that it safeguarded its financial assets, complied with finance-related legal requirements and produced reliable financial data. The office’s controls over equipment were not adequate due to several weaknesses.
Except as noted in this report, the office generally complied with finance-related legal requirements over its financial activities for the items tested.
- The Office of Enterprise Technology did not adequately assess its business risks or monitor the effectiveness of its internal controls, as required by state policy.
- The Office of Enterprise Technology lacked effective controls over equipment and did not accurately track equipment in its inventory records.
- The Office of Enterprise Technology allowed some employees to have incompatible and unnecessary access to the state’s accounting and payroll systems and the office’s accounts receivable subsystem.
- The Office of Enterprise Technology did not ensure key procedures were performed to assure the accuracy of its payroll transactions.
- The Office of Enterprise Technology did not adequately safeguard its receipts.
- The Office of Enterprise Technology did not adequately segregate responsibilities for payments made outside the regular state payment process.
Audit Objectives and Scope
- Internal controls
|July 1, 2006, through April 30, 2009
- Computing and telecommunication services revenues
- Payroll expenses
- Computer and system services and communication expenses