Corrective Action Plans

Browse how organizations respond to audit findings

Total CAPs
58,759
In database
Filtered Results
19,256
Matching current filters
Showing Page
472 of 771
25 per page

Filters

Clear
Name of Contact Person: Rita Huck Corrective Action: The following are the procedures that we follow to segregate duties as much as possible: The Board reviews all claims and the warrants that are written to pay those claims on a monthly basis. The Business Manager signs and dates the list of c...
Name of Contact Person: Rita Huck Corrective Action: The following are the procedures that we follow to segregate duties as much as possible: The Board reviews all claims and the warrants that are written to pay those claims on a monthly basis. The Business Manager signs and dates the list of claims before they are given to the Board. The Administrative Assistant checks all warrant listings (claims and payroll) to make sure that there are no gaps in the warrant numbers. The Administrative Assistant types all purchase orders and checks in all ordered materials. The Business Manager pays all invoices. Once the warrants are printed, the Administrative Assistant attaches a copy of the warrant to each paid purchase order and prepares the warrants to be mailed the day after the Regular Board meeting. The Superintendent or Activities Clerk verify the Clerk’s reconciliation of the School District’s accounting records. They will review the revenues and disbursement amounts. The Superintendent currently verifies any transfers. The monthly beginning and ending balances are reconciled monthly by the Superintendent or Activities Clerk. The Board of Trustees receives an actual report of the budget quarterly. The report shows the original budget, what is spent to date, and the remaining balance. Included in this report is the actuals from the previous year to compare. All time sheets are reviewed and signed by each employee. The time sheets are then reviewed and signed by the supervisors before going to the Business Manager for payroll preparation. The Administrative Assistant reviews the payroll warrant list and the direct deposit listing. She also prepares all warrants to be distributed to employees on pay day. Someone other than the Business Manager reviews the bank statement and correspondence before the Business Manager reviews it. We do periodically review any bank accounts that are not controlled by the County Treasurer. The Activity accounts are reviewed by each sponsor and the Board of Trustees every month. The sponsors must sign off on their individual accounts monthly. Cash handling procedures: In the Business Manager’s office, we rarely deal with cash. We do receive checks that are receipted, recorded on a spreadsheet and deposited at the Yellowstone County Treasurer’s Office on a monthly basis. The lunch and activities cash and checks are receipted, recorded, and deposited daily at our local bank. Hand-drawn checks are not written from the District funds. Occasionally, a hand-drawn check is written on the activities accounts. There is a dual signature on those checks. We do not sign blank checks. Proposed Completion Date: Immediately.
Mangum Public Schools will comply with all requirements of the Davis-Bacon Act. The district will develop internal controls to ensure contracts used for construction with federal awards will require certified payroll reports from the contractor or subcontractor. These actions will be taken immedia...
Mangum Public Schools will comply with all requirements of the Davis-Bacon Act. The district will develop internal controls to ensure contracts used for construction with federal awards will require certified payroll reports from the contractor or subcontractor. These actions will be taken immediately and will be utilized for any future construction that meets the criteria of the Davis-Bacon Act to ensure we are compliant.
Youth Services Network, Inc. has implemented several compensating controls but simply cannot justify the expense of hiring additional staff to reach the standard of segregation of duties suggested.
Youth Services Network, Inc. has implemented several compensating controls but simply cannot justify the expense of hiring additional staff to reach the standard of segregation of duties suggested.
Management acknowledges noncompliance in the current fiscal year and has taken measures to improve internal controls over compliance. Management deposited the underfunded amount of $12,275 to the replacement reserve account on August 4, 2023.
Management acknowledges noncompliance in the current fiscal year and has taken measures to improve internal controls over compliance. Management deposited the underfunded amount of $12,275 to the replacement reserve account on August 4, 2023.
Elk City Public Schools will ensure that on all future construction contracts that deal with federal awards, will include requirements of the Davis-Bacon Act. Prevailing wages will be inserted into the language of the contract to be signed by contractors and subcontractors. All contracts will also...
Elk City Public Schools will ensure that on all future construction contracts that deal with federal awards, will include requirements of the Davis-Bacon Act. Prevailing wages will be inserted into the language of the contract to be signed by contractors and subcontractors. All contracts will also spell out weekly reporting requirements of certified wages paid by contractors and subcontractors. In addition, ECPS will ensure that Davis-Bacon information is posted at all job sites.
FINDING 2023-002 Finding Subject: COVID-19 – Emergency Connectivity Fund Program – Internal Controls Summary of Finding: An inventory sign-off was not present upon completion of entering an iPad purchase to ensure documentation was correct. Contact Person Responsible for Corrective Action: Jeremiah ...
FINDING 2023-002 Finding Subject: COVID-19 – Emergency Connectivity Fund Program – Internal Controls Summary of Finding: An inventory sign-off was not present upon completion of entering an iPad purchase to ensure documentation was correct. Contact Person Responsible for Corrective Action: Jeremiah Hruschak Contact Phone Number and Email Address: (260) 446-0100 ext.1006 / jhruschak@eacs.k12.in.us 1240 State Road 930 East New Haven, Indiana 46774-1732 Phone: (260) 446-0100 Fax: (260) 446-0107 INDIANA STATE BOARD OF ACCOUNTS 28 Views of Responsible Officials: East Allen County Schools concurs with finding. Description of Corrective Action Plan: Upon entry of all devices with the appropriate inventory detail, a sign off will take place by two officials to confirm all data are present and that only one device is assigned to each student. Anticipated Completion Date: Implementation will take place during next technology purchase and will be corrected by the 2023- 2024 / 2024-2025 audit cycle.
2023-009: Application Access Control – Significant Deficiency in internal controls over compliance over Recommendation: We recommend that the Housing Authority should review each employee’s access permissions within the “Housi...
2023-009: Application Access Control – Significant Deficiency in internal controls over compliance over Recommendation: We recommend that the Housing Authority should review each employee’s access permissions within the “Housing Pro” software and modify their access according to their job responsibilities. Action Taken: All employee access was reviewed and corrected so that only the two Deputy Directors have administrative access. Due Date of Completion: November 30, 2023 Responsible Official: Irene Murillo, Deputy Director
2023-001: Internal Controls over Federal Award – Reporting (VMS) - Significant Deficiency in Internal controls over compliance over reporting Recommendation: The Authority should establish a clearly documented review process wherein someone other than the preparer reviews the VMS report prior to sub...
2023-001: Internal Controls over Federal Award – Reporting (VMS) - Significant Deficiency in Internal controls over compliance over reporting Recommendation: The Authority should establish a clearly documented review process wherein someone other than the preparer reviews the VMS report prior to submission. Action Taken: The Authority will have a member of management review VMS submissions prior to submission. Due Date of Completion: February 2024 Responsible Official: Chris Herbert, Executive Director, Irene Murillo, Deputy Director, Carol Hensley, Assistant Deputy Director
Corrective action plan: To ensure compliance is being met with Risk Assessments, the Chief Information Security Officer (CISO) will implement regular compliance reviews, at the beginning of each quarter with Program Director level leadership. Any non-compliance will be addressed with the Program are...
Corrective action plan: To ensure compliance is being met with Risk Assessments, the Chief Information Security Officer (CISO) will implement regular compliance reviews, at the beginning of each quarter with Program Director level leadership. Any non-compliance will be addressed with the Program area by regularly sharing email reminders for reporting, training, and assistance from security. The reports will begin to be shared on July 31, 2024. Application Services, in collaboration with the CISO and the Information Technology (IT) Business Operations’ Policy, Planning, and Performance team, will establish and publish a process for the successful completion of Risk Assessments, including roles and responsibilities, processes, and procedures to ensure timely completion and ongoing compliance. The target implementation date for this document is January 15, 2025. Implementation date: January 15, 2025 Responsible persons: Leatha Marr, Director, IT Applications Services, and Vikram Muralidharan, Chief Information Security Officer
Corrective Action Plan: The University has implemented significant process enhancements in this area. The vendor has revised its services to include the paid-in-full letter process and has sent paid if full letters to all Perkins borrowers who were missed. Management will conduct a second level revi...
Corrective Action Plan: The University has implemented significant process enhancements in this area. The vendor has revised its services to include the paid-in-full letter process and has sent paid if full letters to all Perkins borrowers who were missed. Management will conduct a second level review to ensure that the University is in compliance with the requirements. Implementation Date: November 2023 Responsible Person: Lisa Davis, Director, Bursar Office
Corrective Action Plan: The University has implemented significant enhancements- in its process to grant user access. In addition, to address the specific exceptions noted by the State Auditor’s Office, access for all staff within the SIS has been restricted from disbursing aid. Access is now only g...
Corrective Action Plan: The University has implemented significant enhancements- in its process to grant user access. In addition, to address the specific exceptions noted by the State Auditor’s Office, access for all staff within the SIS has been restricted from disbursing aid. Access is now only granted to the batch user account. Implementation Date: 11/2023 Responsible Person: Scott Lapinski, Assistant Vice President for Enrollment Management/Director of Financial Aid
Corrective Action Plan: In the event that an employee transitions to another University department but needs to retain access for a period of time to facilitate knowledge transfer or to provide backstop support during the transition period, a date will be set for removing that access by setting an e...
Corrective Action Plan: In the event that an employee transitions to another University department but needs to retain access for a period of time to facilitate knowledge transfer or to provide backstop support during the transition period, a date will be set for removing that access by setting an expiration date on the authorization, when feasible. If an automated access expiration date is not available, a calendar meeting will be scheduled for at least 2 people authorized to remove that access to remind them to remove the access. Implementation Date: January 2024 Responsible Person: Diane Todd Sprague, Assistant Vice Provost for Scholarships and Financial Aid Corrective Action Plan: The University is currently in the process of replacing its current custom-developed, mainframe-based financial aid management system with a vendor-provided, cloud-based system. The current issue with the mainframe programming library not being under change control will be resolved with the implementation of the new financial aid management system. Implementation Dates: Rolling implementation starting February 2024 through August 2024 Responsible Person: Graham Chapman, Assistant Vice Provost and Director of Academic Information Systems
Corrective Action Plan: In response to the current finding of temporary access monitoring, the frequency of reviews for people that have temporary Financial Aid role assignments will be increased from an annual review to quarterly, for a period of two years. Staff training for access control and bus...
Corrective Action Plan: In response to the current finding of temporary access monitoring, the frequency of reviews for people that have temporary Financial Aid role assignments will be increased from an annual review to quarterly, for a period of two years. Staff training for access control and business owner training has taken place, to increase awareness that roles need timely removal when maintenance tasks are completed. Implementation Date: 1/29/24 Responsible Persons: Karen Krause, Office of Financial Aid Doug Bergere, Office of Information Technology
Corrective Action Plan: • The University has already implemented significant process enhancements in this area. • The University immediately reviewed all Financial Aid security access and removed any access not deemed immediately necessary to the employee’s job duties. • The University has developed...
Corrective Action Plan: • The University has already implemented significant process enhancements in this area. • The University immediately reviewed all Financial Aid security access and removed any access not deemed immediately necessary to the employee’s job duties. • The University has developed Financial Aid security classes based on employee positions. This will allow us to more easily monitor what access an employee has and ensure that it is appropriate to their job responsibilities. Implementation Date: September 2023 Responsible Persons: Kyle Phillips and Robert Hamilton
Corrective Action Plan: Through analysis of the exceptions identified in the audit, the University has developed a standard operating procedure to assign employee access based on the principle of least privilege as determined by individual roles. The university is engaged with a third-party vendor t...
Corrective Action Plan: Through analysis of the exceptions identified in the audit, the University has developed a standard operating procedure to assign employee access based on the principle of least privilege as determined by individual roles. The university is engaged with a third-party vendor to procure and implement an automated role-based access assignment process, to ensure that the University complies with this audit findings requirements. Implementation Date: June 2024 Responsible Person: Mr. Matthew Steimel, Director of Enterprise Applications
Corrective Action Plan: The user access has been limited to their specific job function. The university will verify user access was appropriately updated/removed. Access review procedures will be reviewed to ensure access is appropriately assigned in the future. To streamline and assure a consistent...
Corrective Action Plan: The user access has been limited to their specific job function. The university will verify user access was appropriately updated/removed. Access review procedures will be reviewed to ensure access is appropriately assigned in the future. To streamline and assure a consistent outcome regarding the approvals for security patches to be introduced to the production environment, the University will convert these normal changes to standard changes. A standard change is “A pre-authorized change that is low risk, relatively common and follows a procedure or work instruction. (ITIL v4 definition.)” Software patching and updates are standard change candidates. Not applying security patches in a timely manner introduces a greater risk to the University than processing these requests as a normal change. A standard change is pre-authorized and will address how IT is testing and/or validating whether the OS patches were successful in an available test environment prior to deployment to production. Test procedures will be documented as a requirement of the Standard Change Model. IT will document that outcome of the testing and/or validating of the OS patch as a Journal entry on the Standard Change prior to implementation. The Change Advisory Board (CAB) will review these changes/procedures on a regular basis to ensure we are in compliance. Policies, Standards and Procedures will be updated to meet any required changes. Implementation Date: January, 2025 Responsible Persons: Michael Dewey, Chief Technology Officer Amy Wilson, Director of Financial Aid and Scholarships
Corrective action plan: HHSC completed the correction of the rate prior to year-end close on August 25, 2023. General Ledger Cost Allocation Team will work with CFO Operations Support to develop a query to identify journal transactions that post in the CAPPS Financials general ledger module before t...
Corrective action plan: HHSC completed the correction of the rate prior to year-end close on August 25, 2023. General Ledger Cost Allocation Team will work with CFO Operations Support to develop a query to identify journal transactions that post in the CAPPS Financials general ledger module before the project start date. This query will be run monthly and any exceptions will be corrected. An additional review of the new fiscal year payroll projects will be performed by both Budget and the General Ledger Chartfield teams as part of annual fiscal year close coordination. Implementation date: August 31, 2024 Responsible person: Heather Nevill, Director, Fund Management
View Audit 296491 Questioned Costs: $1
Corrective action plan: The applicant's file date is the date HHSC or an HHSC agent receives an application that contains, at a minimum, the person's name, address and signature. A faxed or electronic signature, if using the online application available through YourTexasBenefits.com, is acceptable. ...
Corrective action plan: The applicant's file date is the date HHSC or an HHSC agent receives an application that contains, at a minimum, the person's name, address and signature. A faxed or electronic signature, if using the online application available through YourTexasBenefits.com, is acceptable. Access and Eligibility Services (AES) must determine eligibility and provide Form TF0001, Notice of Case Action, by the 45th day after the file date for an application requesting health care for children. Federal regulations at 42 CFR 435.912(c)(3) require that HHSC complete an eligibility determination within 90 days for individuals who are applying for Medicaid based on disability and within 45 days for all other applicants. HHSC has made significant investments in its eligibility workforce to address required application processing timeframes. In the last fiscal year, HHSC onboarded more than 2,100 eligibility staff, implemented workforce recruitment and retention initiatives, and augmented its training capacity by leveraging technology, strengthening the quality of the virtual learning products and scheduling, and standardizing On-the-Job Trainings. HHSC is working on cross-training eligibility advisor staff across all programs (SNAP, TANF, Medicaid, CHIP, MEPD). HHSC is actively reviewing existing application processing procedures to ensure all applications are reviewed and an eligibility determination is made within the required timelines. Implementation date: December 31, 2024 Responsible person: Gracie Perez – Interim Associate Commissioner, AES Operations
Corrective action plan: The HHSC Federal Funds Office will work with HHSC Accounting, Department of Family and Protective Services (DFPS), and Texas Workforce Commission (TWC) to strengthen oversight of the Social Services Block Grant (SSBG) post-expenditure report. As part of this oversight, HHSC w...
Corrective action plan: The HHSC Federal Funds Office will work with HHSC Accounting, Department of Family and Protective Services (DFPS), and Texas Workforce Commission (TWC) to strengthen oversight of the Social Services Block Grant (SSBG) post-expenditure report. As part of this oversight, HHSC will compile procedure documents, methodologies, data sources, and work documents from DFPS and TWC. The HHSC Federal Funds Office already has this documentation for HHSC. Implementation date: August 31, 2024 Responsible person: Racheal Kane, Director, Federal Funds
Corrective action plan: HHSC has made significant investments in its eligibility workforce to meet workload demands. In the last fiscal year, HHSC has onboarded more than 2,100 eligibility staff, implemented workforce recruitment and retention initiatives, and augmented its training capacity by leve...
Corrective action plan: HHSC has made significant investments in its eligibility workforce to meet workload demands. In the last fiscal year, HHSC has onboarded more than 2,100 eligibility staff, implemented workforce recruitment and retention initiatives, and augmented its training capacity by leveraging technology, strengthening the quality of the virtual learning products and scheduling, and standardizing On-the-Job Trainings. HHSC will also continue to create and share guidance and tips with staff to reinforce proper data entry in the eligibility determination system, including entries related to TANF. Implementation date: December 31, 2024 Responsible person: Gracie Perez – Interim Associate Commissioner, Access and Eligibility Services (AES) Operations
View Audit 296491 Questioned Costs: $1
Corrective action plan: HHSC is currently engaged in long-term planning related to improving FFATA reporting, which may involve the use of CAPPS-Financials, or a different system; with the choice of solution depending on a determination of overall effectiveness. While it may be potentially problemat...
Corrective action plan: HHSC is currently engaged in long-term planning related to improving FFATA reporting, which may involve the use of CAPPS-Financials, or a different system; with the choice of solution depending on a determination of overall effectiveness. While it may be potentially problematic for HHSC to commit to the specific designation of CAPPS-Financials as the improvement solution, actions will be taken to improve compliance. HHSC will implement a quality review of selected programs to assess FFATA compliance on an annual basis. Implementation date: September 1, 2025 Responsible person: Racheal Kane, Director, Federal Funds
Corrective action plan: To rectify the discrepancies in the EA Eligibility Application/Determination section of the IMPACT system, DFPS is implementing the following measures: 1. Research and Analysis: DFPS IT initiated research on 12/12/2023 to investigate the root cause of why the child became eli...
Corrective action plan: To rectify the discrepancies in the EA Eligibility Application/Determination section of the IMPACT system, DFPS is implementing the following measures: 1. Research and Analysis: DFPS IT initiated research on 12/12/2023 to investigate the root cause of why the child became eligible upon recertification. This research will be ongoing to comprehensively understand the underlying factors. 2. Database Audit: A database audit table was added in early October 2023 to expedite the identification of similar issues in the future. This enhancement aims to facilitate a quicker determination of the root cause for any inaccuracies related to EA eligibility. 3. Batch Analysis: The EA eligibility batch process will undergo a thorough analysis to ensure it accurately identifies children who should or should not be deemed EA eligible. Insights from this analysis will help optimize the batch process and prevent similar occurrences. 4. Project Review: A review of Project 65700, completed in August 2021, will be conducted to assess if any gaps in the re-certification batch allowed a child to be incorrectly considered EA eligible. The data fix performed during this project will also be scrutinized to ensure it adhered to accurate eligibility criteria. 5. Communication and Training: DFPS commits to ongoing communication and training for INV/AR staff regarding EA and the correct method of answering questions within the IMPACT system. This aims to enhance staff awareness and compliance with federal guidelines and internal policies. 6. Internal Quality Assurance: DFPS will strengthen its internal quality assurance reviews of cases eligible for EA. This proactive approach ensures ongoing compliance with federal guidelines and internal policies, thereby minimizing the likelihood of eligibility-related errors. 7. In Fiscal Year 2023, DFPS Investigations/Alternative Response personnel underwent supplementary training sessions and received revised policy and resource guides pertaining to Emergency Assistance (EA). These initiatives were implemented to address the concerns identified, specifically related to inaccuracies in responding to questions within the EA Eligibility Application/Determination. DFPS remains committed to these corrective actions to address the identified issues and continually improve the accuracy and reliability of the EA eligibility determination process. The effectiveness of these measures will be regularly assessed to uphold the integrity of the system and prevent improper payments. Citizenship: To rectify this situation and to ensure that a child that is not a U.S. citizen, qualified alien, or permanent resident does not receive EA benefits, DFPS is implementing the following measures: 1. DFPS Finance will work with program and IT to determine the best practices when answering citizenship and the Emergency Assistance (EA) eligibility questions and ensure the IMPACT system is reading the responses and applying the logic properly resulting in EA eligibility determination that is in compliance with United States Codes, Chapter 8 Aliens and Nationality, Chapter 14 – Restricting Welfare and Public Benefits of Aliens, §1611. 2. DFPS will review the list of non-citizens and update their eligibility if they are incorrectly deemed EA eligible. 3. DFPS will review the payments issued to non-citizens and process adjustments to ensure EA funds are used only for eligible activities. Implementation dates: IMPACT IT research begun on 12/12/2023 and will be ongoing to determine the root cause of the issue. Ongoing communication to staff. Citizenship: The first item will require a coordination with IT and programs and it’s completion date will be dependent on the efforts required to make the agreed upon changes. Item 2 and 3 is anticipated to be completed by May 31, 2024. Responsible persons: Jerome Green, CPI Deputy Director of Field; Citizenship: Scott Greer, Budget Director
View Audit 296491 Questioned Costs: $1
Corrective action plan: DSHS TVFC compliance site visits are now separated into two stages: Process & Documentation and Oversight & Verification. During 2023, internal controls and role assignments were established for each phase to ensure appropriate entry into PEAR, review activities, and follow-u...
Corrective action plan: DSHS TVFC compliance site visits are now separated into two stages: Process & Documentation and Oversight & Verification. During 2023, internal controls and role assignments were established for each phase to ensure appropriate entry into PEAR, review activities, and follow-up activities. These controls are in place and expected to be used throughout fiscal year 2024. Implementation date: February 20, 2024 Responsible person: Denise Reeder, MPH, MA, Immunization Section, Vaccine Operations Group Manager
View Audit 296491 Questioned Costs: $1
Corrective action plan: The OOG is creating materials for Grantees to clearly define and standardize terms in accordance with SLFRF Compliance and Reporting Guidance Version 5.0. Additionally, the OOG is updating internal processes to enforce Agency reporting of FSRs and Reconcilers on a monthly bas...
Corrective action plan: The OOG is creating materials for Grantees to clearly define and standardize terms in accordance with SLFRF Compliance and Reporting Guidance Version 5.0. Additionally, the OOG is updating internal processes to enforce Agency reporting of FSRs and Reconcilers on a monthly basis for all active grants. The OOG will ensure accuracy of Agency submissions by reconciling data between the eGrants Financial Status Reports (FSRs) and the Reconcilers. Should a variance exist, the OOG will document any changes made, and the reason therefore, with concurrence from the Agency. The OOG will update the reporting processes and institute new internal controls. For each reporting period, the ARPA Reporting Administrator will take the quarterly data provided for each grant and reconcile that information with the eGrants FSR data. The Public Safety Office (PSO) Grants Administration Director will verify the data. The PSO Executive Director will review and Administration Director will approve the reporting information prior to submission in to the ARPA Portal. Prior to final submission, the data will receive a quality assurance check. Implementation date: Full implementation by April 1, 2024 Responsible persons: Suzanne Johnson, Director of Administration and Aimee Snoddy, Executive Director Public Safety Office
Corrective action plan: The OOG updated and documented the Change Management Procedures for Portal systems for all Portals subsequent to TTIR. The OOG began using Super Clio (the internally developed Change Management tracking system) for new projects and Portals, subsequent to TTIR, in accordance w...
Corrective action plan: The OOG updated and documented the Change Management Procedures for Portal systems for all Portals subsequent to TTIR. The OOG began using Super Clio (the internally developed Change Management tracking system) for new projects and Portals, subsequent to TTIR, in accordance with the new Change Management Procedure. Please see attached Change Management Procedure for OOG Information Services Division Portal systems. TTIR is a portal system that was created for a limited purpose and will decommission in the summer of 2024. The OOG will include the TTIR decommissioning project under the Change Management Procedure and mandate use of Super Clio. OOG Management does not anticipate further changes will be done to TTIR code, hotfixes applied, or content changes will be made. Any exceptions to this will be documented, approved, and signed by Management and put in the TTIR Program file for future evidence. Implementation date: Full implementation March 1, 2024 Responsible persons: Suzanne Johnson, Director of Administration, and Lars Hjaltman, Director of Information Services Division
« 1 470 471 473 474 771 »