Edmeston Central School District Internal Controls Over Selected Financial Activities - Executive Summary The Edmeston Central School District (District) is governed by the Board of Education (Board) which comprises five elected members. The Board is responsible for the general management and control of the District’s financial and educational affairs. The Superintendent of Schools (Superintendent) is the chief executive officer of the District and is responsible, along with other administrative staff, for the day-to-day management of the District under the direction of the Board. One of the Board’s managerial responsibilities is the establishment of a system of internal controls designed to provide reasonable assurance that District assets are properly safeguarded from unauthorized use or disposition and are properly accounted for. Such a system reasonably ensures that the claims auditor is properly appointed and audits and approves all claims prior to payment being made; that cafeteria receipts are properly recorded and accounted for; and that computerized data and assets are safeguarded. A good system of internal controls should provide for the timely identification of errors and/or irregularities which may have occurred so that corrective action can be taken. Once established, the Board has the responsibility to monitor the controls periodically to ensure that they are operating properly. Scope and Objective The objective of our audit was to determine if internal controls over claims processing, cafeteria receipts and computer data were appropriately designed and operating effectively to safeguard District assets for the period July 1, 2005 through November 6, 2006. Our audit addressed the following related questions:
Audit Results We found that the Board did not appoint a claims auditor in accordance with SED regulations. We also found that the claims auditor did not conduct a thorough and deliberate audit of all claims, did not review and certify the warrants, and failed to report directly to the Board on the audit of claims. We found that the cafeteria manager did not ensure that cafeteria moneys were properly recorded or accounted for. Cafeteria moneys were not always properly recorded in the cafeteria computerized cash register system. In addition, the cafeteria manager did not reconcile moneys received as indicated in the computerized cash register system with the actual cash collected, nor did he follow-up on any variances between the two. Further, the cafeteria manager did not periodically review daily transactions, such as transfers between prepaid accounts. The Board has not established internal control policies and procedures to sufficiently address the safeguarding of computerized data and assets. Specifically, formal policies relating to user access, computer usage and remote access have not been adopted. We also found that there were no login restrictions and that two District employees used District owned laptop computers for personal purposes. Further, computer equipment is not physically secure and the Board has not developed a formal disaster recovery plan. Comments of District Officials The results of our audit and recommendations have been discussed with District officials and their comments, which appear in Appendix A, have been considered in preparing this report. District officials generally agreed with our recommendations and indicated they planned to initiate corrective action. |