Summary

Our operational audit for the fiscal year ended June 30, 2008, disclosed the following:

Finding No. 1:             The District’s management of information technology (IT) access privileges needed improvement.

Finding No. 2:            Enhancements could be made to timely terminate the IT access privileges of former employees.

Finding No. 3:            The District’s IT program change controls needed improvement.

Finding No. 4:            The District’s security controls within the application and supporting IT environment needed improvement. 

Finding No. 5:            Improvements could be made in District procedures for timely obtaining background screenings and fingerprints for District and contractual personnel that have direct contact with students. 

Finding No. 6:            Internal controls over child care fee collections could be strengthened.

Finding No. 7:            The District did not provide employees a written statement to specify the purpose for collection of social security numbers (SSNs) for certain documents or timely certify compliance with the new SSN requirements to the Legislature, contrary to Section 119.071(5)(a), Florida Statutes.

Finding No. 8:            Enhancements could be made to ensure the adequacy of insurance coverage for charter schools sponsored by the District and design professionals.

Finding No. 9:            Instances were noted in which employees did not timely submit their time sheets for work performed beyond their regular assigned duties or certify the work performed on the time sheets.

Finding No. 10:         The District had not implemented a formal ongoing security awareness training program to protect IT resources.

Management’s response is included as Exhibit B.