Summary

Our operational audit for the fiscal year ended June 30, 2007, disclosed the following:

Revenues and Cash Collections

Finding No. 1:     The Board had not adopted a formal policy for granting exemptions to the requirement in Section 1009.285, Florida Statutes, that students pay the full cost of instruction when enrolled in the same undergraduate credit course more than twice.

Finding No. 2:     The University needed to improve controls over collections received outside of the Central Cashier’s Office.

Finding No. 3:     The University needed to further enhance controls relating to the OWL CARD program.

Finding No. 4:     The University needed to improve its controls over complimentary tickets for athletic events.

Personnel and Payroll Administration

Finding No. 5:     The University had not adequately documented why a severance arrangement was provided to a former employee, which was more beneficial than allowed by the former employee’s employment contract.  Also, the Board needed to revise it policies and procedures relating to severance clauses and payments.  In addition, severance payments to the former employee resulted in budget overexpenditures for the Concession Funds.

Procurement of Goods and Services

Finding No. 6:     Contrary to University policies, Student Government expenses were not always approved timely.  Also, a $6,000 payment was made to a contractor prior to the receipt of services.

Finding No. 7:     Purchasing card system controls did not always provide for timely approval and payment of charges, and adequate monitoring of credit limits.  Also, the University did not maintain records of cards issued, lost or stolen, or cancelled, necessary to ensure accountability for purchasing cards. 

Finding No. 8:     The University’s competitive procurement threshold exceeded the limit established by the Board of Governors.

Finding No. 9:     University records did not evidence the contractor’s compliance with the terms of an energy performance based‑agreement and Section 1013.23(4), Florida Statutes.

Finding No. 10: The University did not adequately monitor cellular telephone (cell phone) usage, and did not report to the Internal Revenue Service the value of cell phone services as income for employees who did not make an adequate accounting of the business use of their assigned cell phones.  In addition, the University paid certain taxes and fees for which it was exempt.

Finding No. 11: Travel expenses were not always adequately supported to demonstrate compliance with Section 112.061, Florida Statutes.  Also, the University paid certain taxes on travel expenses for which it was exempt.

Risk Management

Finding No. 12: The University needed to improve its procedures for determining insurable values for buildings, and the University had no written policies and procedures addressing the level of insurance coverage to be maintained or the method to be used to determine insurable values.

Record Systems and Reports

Finding No. 13: Contrary to law, several University Board members did not file, or did not timely file, their 2005 or 2006 calendar year statements of financial interests with the Florida Commission on Ethics.

Finding No. 14: The University needed to enhance its policies and procedures regarding the annual reporting of information for institutes and centers to the Board of Governors.

Pharmaceutical Operations

Finding No. 15: Records and control procedures relating to pharmaceutical inventory needed improvement. 

Tangible Personal Property

Finding No. 16: Adequate controls over tangible personal property had not been implemented.

Finding No. 17: Controls over property deletions needed improvement

Finding No. 18: Property purchased through trade‑in arrangements were not recorded at the proper value.

Information Technology

Finding No. 19: The University made payments to the Northwest Regional Data Center for information technology services without benefit of a written agreement.

Finding No. 20: The University did not timely update its disaster recovery plan for procedural changes, and did not timely test the plan. 

Finding No. 21: The University needed to improve its physical controls over the computer room.

Finding No. 22: Improvements could be made in the University’s information technology security control structure.  Also, improvements were needed in the University’s information technology security procedures.  Specific details of these improvements are not disclosed in this report to avoid any possibility of compromising University data and information technology resources.

The University's response is included as Appendix B of this report.