Department of Management and Budget
The State’s Payment Processing
Internal Controls and Compliance Audit
Financial Audit Division Report 15-10
Released April 24, 2015
The state’s internal controls over its payment process were generally adequate; however, there were some weaknesses, as explained in the findings.
- Although the Department of Management and Budget had internal controls for its payment process that were generally adequate, the department did not adequately document who is responsible for certain payment process controls, how the controls are to be performed, and how department management will periodically review the consistent performance of the controls and evaluate the controls for effectiveness.
- The Department of Management and Budget did not adequately monitor when authorized employees viewed or changed data files containing not public data.
- The Department of Management and Budget did not sufficiently restrict employee access to some data files. This is a repeat finding.
- The Department of Management and Budget did not adequately ensure that warrants were not lost or inappropriately diverted prior to mailing.
- The Department of Management and Budget authorized some wire transfer transactions without adequate authorization from the requesting agency.
The objective of our audit of the Department of Management and Budget’s payment process was to answer the following question:
- Did the Department of Management and Budget have adequate internal controls to ensure that its payment process safeguarded state resources; complied with legal requirements and management authorizations; created reliable financial data; and protected not public information?