The Harpursville Central School District (District) is governed by the Board of Education (Board) which comprises seven elected members. The Board is responsible for the general management and control of the District’s financial and educational affairs. The Superintendent of Schools (Superintendent) is the chief executive officer of the District and is responsible, along with other administrative staff, for the day-to-day management of the District under the direction of the Board.

District officials sometimes have proprietary interests in businesses located in or near the Districts in which they serve. Article 18 of the General Municipal Law relates to conflicts of interest of District officials. In general, this law is designed to prevent local officials from acting in circumstances in which their public responsibilities conflict with their personal business interests. Every District official has a responsibility to become knowledgeable about this law and to abide by it. As the elected body with oversight responsibilities for all District operations, the Board is responsible for ensuring that District officials adhere to the conflict of interest provisions of the General Municipal Law.

The District’s Business Office has four employees that perform all aspects of cash disbursements: payroll, accounts payable, journal entries, and bank reconciliations. The District utilizes a financial management system to perform its financial functions.

The Board appointed an employee of the Business Office as claims auditor to ensure every claim against the District represents an actual and necessary District expense. The employee also performs a variety of accounting and purchasing functions. District purchasing policies outline responsibilities for District purchasing activities to ensure every claim against the District represents an actual and necessary District expense.

The District’s information system comprises approximately 550 computers, 4 servers, and other hardware such as wiring closets, etc. The District is responsible for overseeing and protecting the access and use of its information systems.

Scope and Objective

The objective of our audit was to determine if internal controls over segregation of duties, information systems, conflicts of interest, and the processing and audit of claims were appropriately designed and operating effectively for the period July 1, 2004 through May 1, 2006. Concerning the Interest in Contracts finding, we expanded our scope back to June 4, 2004. Our audit addressed the following related questions:

• Are internal controls over purchasing adequate to prevent conflicts of interest and to safeguard District assets?
  
  
• Are duties in the Business Office adequately segregated among office personnel to ensure that District assets are safeguarded?
  
  
• Were claims properly authorized and supported before the claims auditor approved them for payment?
  
  
• Did District officials adequately design controls over the District’s information systems to ensure that District assets were safeguarded?

Audit Results

The internal controls over the District’s purchasing function were not adequate to detect and prevent conflicts of interest. Between June 4, 2004 and December 6, 2005 the Board contracted with and paid Don Snow Trucking Inc. $3,468. Board member Sharon Snow serves as the company’s Vice President and bookkeeper and her husband is the President of the company. Therefore, Sharon Snow had a prohibited conflict of interest in the contract between the District and Don Snow Trucking, Inc because she received a direct or indirect financial benefit as a result of the contract and as a member of the Board she had the power to negotiate, prepare, authorize or approve the contract.

The assignment of certain job duties in the District’s Business Office does not provide for an adequate segregation of duties (checks and balances) over financial transactions. Both the District Treasurer and the claims auditor perform duties that should be segregated. Moreover, we did not find any compensating controls to mitigate this lack of segregation of duties. Although our audit testing did not disclose errors or irregularities, the intermingling of these incompatible duties increases the risk that errors or irregularities could occur and remain undetected and uncorrected.

The claims auditor was not thoroughly auditing all claims presented for payment. Out of 133 claims tested, we found 58 claims (44 percent) did not have appropriate supporting documentation for various reasons, such as: confirming purchase orders, lack of quotes, lack of supporting documentation and/or lack of prior Board approval (where required.) There were 39 claims totaling $48,171 that included evidence that the actual invoices, goods or services were received prior to the purchase order or requisition approval dates. Nine of these 39 claims also lacked documentation showing proper supporting documentation that quotes were obtained and that the purchasing agent had authorized the purchases, both of which are required by the District’s procurement policy. We found another 19 claims, out of our sample of 133 claims, totaling $41,245 that also lacked proper supporting documentation. Included in these 133 claims were eight claims items totaling $32,637 that were made pursuant to contracts, which required Board approval. However, we could not find such Board approvals for the underlying contracts in the Board minutes.

The Board has not effectively addressed the safeguarding of computer data by establishing policies and procedures to do so. Computer data is a valuable asset that should be protected. In addition to its inherent value, sensitive computerized personal data can represent a potential liability if lost or compromised.

Comments of District Officials

The results of our audit and recommendations have been discussed with District officials and their comments, which appear in Appendix A, have been considered in preparing this report.