Skip to Content

Login    Subscribe    Site Index    Contact Us   google translate
Taxpayers' Guide to State and Local Audits

Audits of Local Governments and School Districts

Riverhead Fire District – Internal Controls Over Professional Services and Information Technology (2012M-106)


Released: August 24, 2012 -- [read complete report - pdf]

Purpose of Audit

The purpose of our audit was to examine the District's internal controls over professional services and information technology (IT) for the period January 1, 2010, to September 30, 2011.

Background

The Riverhead Fire District covers approximately 48 square miles in the Towns of Riverhead, Southampton, and Brookhaven, and serves approximately 22,000 residents. The District is governed by an elected five-member Board of Fire Commissioners. The District's adopted budget for 2011 was $4,504,104, funded primarily with real property taxes.

Key Findings

  • The Board did not develop adequate procedures for the procurement of professional services. As a result, District officials did not solicit competitive proposals for any of the nine professionals we tested, who were paid a total of $787,697.
  • The District paid three of the nine professionals $144,831 without written agreements or resolutions setting forth the rates of compensation, and paid four of the remaining six professionals a total of $301,860 for services based on agreements or Board resolutions with open-ended terms.
  • The Board has not adopted a computer use policy or a breach notification policy, and four individuals have access rights to perform duties that are incompatible with their job duties.
  • District officials provide unrestricted remote access to four service providers and two employees, and the District does not have a remote access policy or agreements to outline remote access rules.

Key Recommendations

  • Consider amending the District's procurement policy to include use of competitive methods when procuring professional services.
  • Ensure the District has written agreements or Board resolutions for all professional service providers.
  • Adopt a comprehensive computer use policy and a breach notification policy. Establish policies and procedures to ensure that a proper segregation of duties is maintained through the assignment of user access rights.
  • Review and revise user access rights to the financial software relative to employees' job descriptions to ensure that users have access only to necessary functions within the scope of their responsibilities.

Local Government and School Accountability Contact Information:

Phone: (518) 474-4037; Email: localgov@osc.state.ny.us
Address: Office of the State Comptroller, Division of Local Government and School Accountability
110 State Street, 12th Floor; Albany, NY 12236