Summary

The operational audit for the fiscal year ended June 30, 2006, disclosed the following:

Finding No. 1:        The College had not obtained, or requested the food service contractor to provide, a required agreed upon procedures report attesting to the accuracy of financial data provided by the contractor.  Also, although the College is responsible for paying the contractor up to $20,000 for operating losses, the terms of the agreement did not include incentives for the contractor to limit operating costs.

Finding No. 2:       The College did not, for certain laboratory fees, document that the fees did not exceed unusual costs of services provided and were only charged to students that actually received the services.  Also, the College had not timely reevaluated the appropriateness of some laboratory fees.

Finding No. 3:       The College did not always obtain required documentation evidencing student Florida residency status for tuition purposes.  Also, College Rule 6HX14-4.02 was not specific as to which documents, in addition to a Florida driver’s license, must be at least one-year old for Florida residency verification.

Finding No. 4:       Contrary to Section 1013.23(4), Florida Statutes, the College amended an energy performance-based contract to eliminate the requirement for an annual reconciliation of actual to guaranteed energy cost savings.

Finding No. 5:       College policies and procedures did not provide for adequate monitoring of cellular telephone (cell phone) usage.  Also, the College did not report to the Internal Revenue Service the taxable value of cell phone services as income for employees who did not make an adequate accounting of the business use of their assigned cell phones.

Finding No. 6:       The College’s computer system security access controls needed enhancement to limit employee access capabilities to those necessary for the performance of their duties and to ensure that terminated employees’ access is fully removed.

Finding No. 7:       Although the College had developed an information technology disaster recovery plan, the plan had not recently been fully tested until after our inquiry.