MCSD Audit for 07-08 released

The Office of the NYS Comptroller released the “Internal Controls Over Selected Financial Operations” for our school district yesterday August 11th, 2009. This audit may be an eye opener for some, but no surprise for us. Many of these issues have been brought up at board meetings with the usual “we’ll get back to you”, or “it was a misunderstanding that has been resolved”.

Definition of what a Board Member should be:

School Board members are responsible for setting a “tone at the top”
that, by example, reflects their commitment to upholding the public’s
trust
. This demeanor is the foundation of an internal control
environment based on standards and rules that all District staff, as
well as Board members, are expected to follow in safeguarding District
resources.

Here are the results of the Audit:

  • The Board needs to improve its oversight of District operations. Three Board members, including the Board President, had not taken the required fiscal oversight training at the time of our audit. This does not set the proper “tone at the top,” which contributed to the weaknesses we found in the District’s internal controls over purchasing, claims processing, payroll, and information technology.

No kidding…

  • District officials failed to comply with competitive bidding requirements and the District’s own purchasing policies when procuring goods and services. District officials did not use competitive bidding for four purchases totaling $49,273, and did not obtain quotations for seven purchases totaling $30,123.
  • District officials also have not established adequate polices and procedures for processing District claims and have not provided sufficient oversight over the claims audit function. We found exceptions with 16 claims totaling $16,260. These weaknesses place the District at an increased risk of paying more than necessary for goods and services, making payments for unauthorized purchases, making inaccurate or excessive payments, paying for non­business related and/or inappropriate purchases, or paying for goods or services that have not actually been received.
  • District officials have not established policies or procedures for preparing and disbursing payrolls, or for maintaining time records. We found that 17 payments totaling $16,288 were made without adequate time records and proper authorization. Additionally, the Board did not authorize certain appointments and conditions of employment. As a result of these weaknesses, the District cannot be assured that all payroll transactions are proper and necessary District expenses.
  • Finally, internal controls over information technology (IT) are not appropriately designed to adequately safeguard District assets. District officials have not developed formal IT security or disaster recovery plans. As a result, the District’s IT system and electronic data are at an increased risk of loss from system failure, and the District could incur costly disruptions to its business operations.

The purpose of the mandatory training is not to pass the test to meet requirements, it is to “properly fulfill all of (the) financial oversight, accountability, and fiduciary responsibilities, including developing claims processing and payroll policies and procedures and ensuring that purchases comply with competitive bidding requirements.”

Three Board members did not receive any of the mandated training, and cited the reason as busy schedules. The current Board President, who has been a Board member since 1995, had not received training since the legislation was enacted.

The Board members’ decisions not to comply with the law and obtain the required training demonstrates lack of commitment to improving governance skills and sets the wrong “tone at the top,” which could influence employee attitudes toward rules and regulations that are designed to safeguard District resources and taxpayer moneys. The failure to obtain necessary training also reduces the Board’s ability to properly fulfill all of their financial oversight, accountability, and fiduciary responsibilities, including developing claims processing and payroll policies and procedures and ensuring that purchases comply with competitive bidding requirements.

It also exacerbates lack of trust from taxpayers.

Other than the mandatory training,

“as of June 2009, all Board members have completed the required six hours of training”

the District’s response spins these issues into a nebulae of generic answers. Some of these findings are no-brainers. Why do we need an audit to spell out the obvious?

In the 2009-2020 school year District officials will require detailed time records from all employees…

If this will be a requirement, how have time records been tracked up to now?

In the 2008-2009 school year, District officials have taken measures to complete a draft of the District-wide security and disaster recovery plans. The formal security and recovery plans will be completed and distributed by December 2009.

Another vague answer. Does this mean there is nothing in place now to recover critical data – other than backup tapes that keep previous day’s employees/students work files- and are we understanding that the School District is not keeping archives of all employee emails for a predetermined amount of years, as required? emails which could be requested in the future?

The Board has the responsibility to initiate corrective action.
Pursuant to Section 35 of the General Municipal Law, Section 2116­a (3)(c) of the Education Law, and Section 170.12 of the Regulations of the Commissioner of Education, a written corrective action plan (CAP) that addresses the findings and recommendations in this report must be prepared and forwarded to our office within 90 days. To the extent practicable, implementation of the CAP must begin by the end of the next fiscal year.

The document can be found here.

Advertisements

One Response

  1. and the person who is supposed to be in charge of the money for the schools always seems so calm and sure of herself maybe she shouldn’t!

Comments are closed.

%d bloggers like this: