#2022-001 ? Significant Deficiency ? Segregation of Duties Criteria Segregation of duties is critical to effective internal control because it reduces the risk of mistakes and inappropriate actions. Condition During the course of the audit, it was determined that the Finance Director has editing access to QuickBooks while also being responsible for opening the mail and recording/depositing checks received. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information The Finance Director received and opened the mail daily. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend someone other than the Finance Director, preferably the CEO or another office staff, open the mail and record/scan the checks received into a check log. View of Responsible Official The Executive Administrative Assistant is now tasked with and responsible for opening the mail and recording the checks into a check log. The Executive Administrative Assistant will forward checks to the financial services team for additional action steps.
#2022-002 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, it was determined that the CEO's credit card charges are reconciled by the Finance Director and CEO, and then reviewed by the CEO. The charges are not being individually reviewed by the Board Treasurer and President, as is the policy with other payables/disbursements. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information After reviewing credit card statements and receipts for FY 2022, it was noted that several charges on credit cards lacked supporting documentation. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend that all credit card charges are matched to a receipt and reviewed and approved by both the Board President and Board Treasurer, as is the policy with other payables/disbursements. This eliminates the risk associated with having the CEO issue approval over his own credit card charges. View of Responsible Official All credit card receipts will be submitted by the CEO or appropriate staff member to the financial services team. Credit card reconciliation documentation and appropriate receipts will be provided to the Board Treasurer for regular review.
#2022-003 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, no approval was noted on two entries selected. Cause This cause is human error which occurred during a change in personnel. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information While testing journal entries, no approval was noted on two entries selected. These entries were made during the leadership of the interim CEO and before CAAP transitioned their systems fully online. All journal entries selected for testing that occurred after the new CEO started were properly approved and documented. H&M determined that as of December 31, 2021 this internal control issue had been corrected. Identification as a repeat finding There was no similar finding in the prior year. Recommendation Non-cash journal entries make it easy for organizations to overstate their revenue or understate their expenses with unsubstantiated accruals/deferrals. We recommend that all journal entries be authorized and approved by the CEO prior to entry. View of Responsible Official As noted, this is no longer an issue with internal controls having been corrected as of December 31, 2021. All non-recurring journal entries will be approved by the CEO.
#2022-004 ? Significant Deficiency ? Allowable Costs Community Service Block Grant, CFDA # 93.569 Criteria The Office of Management and Budget issuance of the Code of Federal Regulations (CFR) specifically states uniform administrative requirements, cost principles, and audit requirements for federal awards. CFR 200.430 states, ?Charges to Federal Awards for salaries and wages must be based on records that accurately reflect the work performed. These records must be supported by a system of internal control which provides reasonable assurance that the charges are accurate, allowable, and properly allocated.? Condition During the course of the audit, it was determined certain compensation payments were incorrectly allocated to a funding source which did not allow for that type of compensation. This administrative error was corrected. Cause The cause is the result of human error. Effect The potential effects of not reconciling contemporaneous time and effort reporting to allocated payroll expenses could include an over or understatement of compensation payments allocated to the federal grant. Questioned Costs Questioned costs amount to $27,727. Perspective Information This finding was consistent for the fiscal year. Identification as a repeat finding There was no single audit requirement in the prior year and therefore, this finding is not reported as a repeated finding. Recommendation We recommend maintaining weekly timesheets with CEO approval, itemized by time allocated per grant. The financial statement records should be supported by direct time allocated to the grant as indicated on the approved timesheets. View of Responsible Official CAAP will do its due diligence in appropriately allocating costs should similar costs be incurred.
#2022-001 ? Significant Deficiency ? Segregation of Duties Criteria Segregation of duties is critical to effective internal control because it reduces the risk of mistakes and inappropriate actions. Condition During the course of the audit, it was determined that the Finance Director has editing access to QuickBooks while also being responsible for opening the mail and recording/depositing checks received. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information The Finance Director received and opened the mail daily. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend someone other than the Finance Director, preferably the CEO or another office staff, open the mail and record/scan the checks received into a check log. View of Responsible Official The Executive Administrative Assistant is now tasked with and responsible for opening the mail and recording the checks into a check log. The Executive Administrative Assistant will forward checks to the financial services team for additional action steps.
#2022-002 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, it was determined that the CEO's credit card charges are reconciled by the Finance Director and CEO, and then reviewed by the CEO. The charges are not being individually reviewed by the Board Treasurer and President, as is the policy with other payables/disbursements. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information After reviewing credit card statements and receipts for FY 2022, it was noted that several charges on credit cards lacked supporting documentation. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend that all credit card charges are matched to a receipt and reviewed and approved by both the Board President and Board Treasurer, as is the policy with other payables/disbursements. This eliminates the risk associated with having the CEO issue approval over his own credit card charges. View of Responsible Official All credit card receipts will be submitted by the CEO or appropriate staff member to the financial services team. Credit card reconciliation documentation and appropriate receipts will be provided to the Board Treasurer for regular review.
#2022-003 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, no approval was noted on two entries selected. Cause This cause is human error which occurred during a change in personnel. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information While testing journal entries, no approval was noted on two entries selected. These entries were made during the leadership of the interim CEO and before CAAP transitioned their systems fully online. All journal entries selected for testing that occurred after the new CEO started were properly approved and documented. H&M determined that as of December 31, 2021 this internal control issue had been corrected. Identification as a repeat finding There was no similar finding in the prior year. Recommendation Non-cash journal entries make it easy for organizations to overstate their revenue or understate their expenses with unsubstantiated accruals/deferrals. We recommend that all journal entries be authorized and approved by the CEO prior to entry. View of Responsible Official As noted, this is no longer an issue with internal controls having been corrected as of December 31, 2021. All non-recurring journal entries will be approved by the CEO.
#2022-004 ? Significant Deficiency ? Allowable Costs Community Service Block Grant, CFDA # 93.569 Criteria The Office of Management and Budget issuance of the Code of Federal Regulations (CFR) specifically states uniform administrative requirements, cost principles, and audit requirements for federal awards. CFR 200.430 states, ?Charges to Federal Awards for salaries and wages must be based on records that accurately reflect the work performed. These records must be supported by a system of internal control which provides reasonable assurance that the charges are accurate, allowable, and properly allocated.? Condition During the course of the audit, it was determined certain compensation payments were incorrectly allocated to a funding source which did not allow for that type of compensation. This administrative error was corrected. Cause The cause is the result of human error. Effect The potential effects of not reconciling contemporaneous time and effort reporting to allocated payroll expenses could include an over or understatement of compensation payments allocated to the federal grant. Questioned Costs Questioned costs amount to $27,727. Perspective Information This finding was consistent for the fiscal year. Identification as a repeat finding There was no single audit requirement in the prior year and therefore, this finding is not reported as a repeated finding. Recommendation We recommend maintaining weekly timesheets with CEO approval, itemized by time allocated per grant. The financial statement records should be supported by direct time allocated to the grant as indicated on the approved timesheets. View of Responsible Official CAAP will do its due diligence in appropriately allocating costs should similar costs be incurred.
#2022-001 ? Significant Deficiency ? Segregation of Duties Criteria Segregation of duties is critical to effective internal control because it reduces the risk of mistakes and inappropriate actions. Condition During the course of the audit, it was determined that the Finance Director has editing access to QuickBooks while also being responsible for opening the mail and recording/depositing checks received. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information The Finance Director received and opened the mail daily. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend someone other than the Finance Director, preferably the CEO or another office staff, open the mail and record/scan the checks received into a check log. View of Responsible Official The Executive Administrative Assistant is now tasked with and responsible for opening the mail and recording the checks into a check log. The Executive Administrative Assistant will forward checks to the financial services team for additional action steps.
#2022-002 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, it was determined that the CEO's credit card charges are reconciled by the Finance Director and CEO, and then reviewed by the CEO. The charges are not being individually reviewed by the Board Treasurer and President, as is the policy with other payables/disbursements. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information After reviewing credit card statements and receipts for FY 2022, it was noted that several charges on credit cards lacked supporting documentation. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend that all credit card charges are matched to a receipt and reviewed and approved by both the Board President and Board Treasurer, as is the policy with other payables/disbursements. This eliminates the risk associated with having the CEO issue approval over his own credit card charges. View of Responsible Official All credit card receipts will be submitted by the CEO or appropriate staff member to the financial services team. Credit card reconciliation documentation and appropriate receipts will be provided to the Board Treasurer for regular review.
#2022-003 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, no approval was noted on two entries selected. Cause This cause is human error which occurred during a change in personnel. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information While testing journal entries, no approval was noted on two entries selected. These entries were made during the leadership of the interim CEO and before CAAP transitioned their systems fully online. All journal entries selected for testing that occurred after the new CEO started were properly approved and documented. H&M determined that as of December 31, 2021 this internal control issue had been corrected. Identification as a repeat finding There was no similar finding in the prior year. Recommendation Non-cash journal entries make it easy for organizations to overstate their revenue or understate their expenses with unsubstantiated accruals/deferrals. We recommend that all journal entries be authorized and approved by the CEO prior to entry. View of Responsible Official As noted, this is no longer an issue with internal controls having been corrected as of December 31, 2021. All non-recurring journal entries will be approved by the CEO.
#2022-004 ? Significant Deficiency ? Allowable Costs Community Service Block Grant, CFDA # 93.569 Criteria The Office of Management and Budget issuance of the Code of Federal Regulations (CFR) specifically states uniform administrative requirements, cost principles, and audit requirements for federal awards. CFR 200.430 states, ?Charges to Federal Awards for salaries and wages must be based on records that accurately reflect the work performed. These records must be supported by a system of internal control which provides reasonable assurance that the charges are accurate, allowable, and properly allocated.? Condition During the course of the audit, it was determined certain compensation payments were incorrectly allocated to a funding source which did not allow for that type of compensation. This administrative error was corrected. Cause The cause is the result of human error. Effect The potential effects of not reconciling contemporaneous time and effort reporting to allocated payroll expenses could include an over or understatement of compensation payments allocated to the federal grant. Questioned Costs Questioned costs amount to $27,727. Perspective Information This finding was consistent for the fiscal year. Identification as a repeat finding There was no single audit requirement in the prior year and therefore, this finding is not reported as a repeated finding. Recommendation We recommend maintaining weekly timesheets with CEO approval, itemized by time allocated per grant. The financial statement records should be supported by direct time allocated to the grant as indicated on the approved timesheets. View of Responsible Official CAAP will do its due diligence in appropriately allocating costs should similar costs be incurred.
#2022-001 ? Significant Deficiency ? Segregation of Duties Criteria Segregation of duties is critical to effective internal control because it reduces the risk of mistakes and inappropriate actions. Condition During the course of the audit, it was determined that the Finance Director has editing access to QuickBooks while also being responsible for opening the mail and recording/depositing checks received. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information The Finance Director received and opened the mail daily. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend someone other than the Finance Director, preferably the CEO or another office staff, open the mail and record/scan the checks received into a check log. View of Responsible Official The Executive Administrative Assistant is now tasked with and responsible for opening the mail and recording the checks into a check log. The Executive Administrative Assistant will forward checks to the financial services team for additional action steps.
#2022-002 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, it was determined that the CEO's credit card charges are reconciled by the Finance Director and CEO, and then reviewed by the CEO. The charges are not being individually reviewed by the Board Treasurer and President, as is the policy with other payables/disbursements. Cause This condition is not uncommon for similar size organizations. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information After reviewing credit card statements and receipts for FY 2022, it was noted that several charges on credit cards lacked supporting documentation. Identification as a repeat finding There was no similar finding in the prior year. Recommendation We recommend that all credit card charges are matched to a receipt and reviewed and approved by both the Board President and Board Treasurer, as is the policy with other payables/disbursements. This eliminates the risk associated with having the CEO issue approval over his own credit card charges. View of Responsible Official All credit card receipts will be submitted by the CEO or appropriate staff member to the financial services team. Credit card reconciliation documentation and appropriate receipts will be provided to the Board Treasurer for regular review.
#2022-003 ? Significant Deficiency ? Authorization and Approval Criteria Authorization and approval are control activities that mitigate the risk of inappropriate transactions. They serve as fraud deterrents and enforce segregation of duties. Thus, the authorizer and the approver should generally be two separate people. Condition During the course of the audit, no approval was noted on two entries selected. Cause This cause is human error which occurred during a change in personnel. Effect There is always the potential for errors or irregularities that would not be detected by employees in the normal course of performing their assigned functions. Questioned Costs None Perspective Information While testing journal entries, no approval was noted on two entries selected. These entries were made during the leadership of the interim CEO and before CAAP transitioned their systems fully online. All journal entries selected for testing that occurred after the new CEO started were properly approved and documented. H&M determined that as of December 31, 2021 this internal control issue had been corrected. Identification as a repeat finding There was no similar finding in the prior year. Recommendation Non-cash journal entries make it easy for organizations to overstate their revenue or understate their expenses with unsubstantiated accruals/deferrals. We recommend that all journal entries be authorized and approved by the CEO prior to entry. View of Responsible Official As noted, this is no longer an issue with internal controls having been corrected as of December 31, 2021. All non-recurring journal entries will be approved by the CEO.
#2022-004 ? Significant Deficiency ? Allowable Costs Community Service Block Grant, CFDA # 93.569 Criteria The Office of Management and Budget issuance of the Code of Federal Regulations (CFR) specifically states uniform administrative requirements, cost principles, and audit requirements for federal awards. CFR 200.430 states, ?Charges to Federal Awards for salaries and wages must be based on records that accurately reflect the work performed. These records must be supported by a system of internal control which provides reasonable assurance that the charges are accurate, allowable, and properly allocated.? Condition During the course of the audit, it was determined certain compensation payments were incorrectly allocated to a funding source which did not allow for that type of compensation. This administrative error was corrected. Cause The cause is the result of human error. Effect The potential effects of not reconciling contemporaneous time and effort reporting to allocated payroll expenses could include an over or understatement of compensation payments allocated to the federal grant. Questioned Costs Questioned costs amount to $27,727. Perspective Information This finding was consistent for the fiscal year. Identification as a repeat finding There was no single audit requirement in the prior year and therefore, this finding is not reported as a repeated finding. Recommendation We recommend maintaining weekly timesheets with CEO approval, itemized by time allocated per grant. The financial statement records should be supported by direct time allocated to the grant as indicated on the approved timesheets. View of Responsible Official CAAP will do its due diligence in appropriately allocating costs should similar costs be incurred.