REPORT DIGEST

ILLINOIS LAW ENFORCEMENT TRAINING AND
STANDARDS BOARD

COMPLIANCE EXAMINATION
FOR THE TWO YEARS ENDED JUNE 30, 2024

Release Date:  July 1, 2025

FINDINGS THIS AUDIT: 12

CATEGORY:  NEW -- REPEAT – TOTAL
Category 1:  0 -- 3 -- 3
Category 2:  2 -- 6 -- 8
Category 3:  0 -- 1 -- 1
TOTAL:  2 -- 10 -- 12

FINDINGS LAST AUDIT: 22

State of Illinois, Office of the Auditor
General
FRANK J. MAUTINO, AUDITOR GENERAL

To obtain a copy of the Report contact:
Office of the Auditor General, 400 West
Monroe, Suite 306, Springfield, IL
62704-9849
(217) 782-6046 or TTY (888) 261-2887

This Report Digest and Full Report are also
available on the worldwide web at
www.auditor.illinois.gov

SYNOPSIS

• (24-02) The Board did not maintain
sufficient controls over its equipment and
related fiscal records.

• (24-03) The Board had not established
adequate computer security controls.

• (24-10) The Board did not maintain
adequate internal controls to ensure each
officer completed the required trainings
within the mandated time frame.

INSUFFICIENT CONTROLS OVER EQUIPMENT

The Illinois Law Enforcement Training and
Standards Board (Board) did not maintain
sufficient controls over its equipment and
related fiscal records.

We noted several deficiencies and weaknesses
within the Board’s property control process.

Property Reporting

During testing, we noted the following
inaccuracies in the quarterly Agency Report
of State Property reports (Form C-15s) filed
with the Office of Comptroller
(Comptroller):

• The property additions, totaling $83,950,
were reported twice on the Board’s Form
C-15s submitted to the Comptroller for both
the third and fourth quarters in Fiscal Year
2024.

• Eight property deletions, totaling $4,415,
were reported twice on the Board’s Form
C-15s submitted to the Comptroller for both
third quarters in Fiscal Year 2023 and
Fiscal Year 2024.

• Seven property deletions, totaling $4,696,
were erroneously included on the Board’s
Form C-15 submitted to the Comptroller for
the fourth quarter in Fiscal Year 2024.

Due to the conditions noted above on Form
C-15s, we were unable to conclude whether
the Board’s population records to support
the property additions and deletions during
the examination period were sufficiently
precise and detailed under the Attestation
Standards promulgated by the American
Institute of Certified Public Accountants
(AT-C § 205.36) to test the Board’s property
additions and deletions.

Even given the population limitations noted
above which hindered our ability to conclude
whether the Board’s population records for
property additions and deletions were
complete and accurate, we performed testing
of equipment items added and deleted during
the examination period.

Additions and Deletions

During testing of 60 equipment items added
to the property records during the
examination period, we noted the following:

• For eight (13%) equipment items, totaling
$3,263, the Board was unable to provide
invoices. As a result, we were unable to
determine if the assets were recorded at
their proper values in the Board’s property
control records.

• For six (10%) equipment items, totaling
$10,776, delivery charges were not included
in the acquisition value of the equipment.

• 13 (22%) equipment items, totaling $4,990,
were added to the Board’s property records
between 26 and 2,818 days late after the
actual delivery date of the equipment.

• Five (8%) equipment items, totaling
$5,295, were not recorded at their proper
values in the Board’s property control
records.

During testing of nine equipment deletions,
we noted the following:

• One (11%) equipment item, amounting to
$41,000, was removed from the Board’s
property records 454 days late. (Finding 2,
pages 16-18). This finding has been reported
since 2012.

We recommended the Board strengthen its
controls over recording and reporting of its
State property and equipment transactions.
Furthermore, we recommended the Board
implement a corrective action plan to
identify and correct its accumulated
property and equipment errors.

Board officials accepted the finding and
indicated the Board acknowledged the
importance of accurate recording and
reporting of property and equipment
transactions.  Board officials also stated
the Board was in the process of reviewing
and enhancing its internal controls related
to property and equipment to ensure
compliance with applicable requirements.
Finally, Board officials stated the Board
would develop and implement a corrective
action plan to identify and address any
accumulated errors and improve ongoing
accuracy in reporting.

INADEQUATE COMPUTER SECURITY CONTROLS

The Board had not established adequate
computer security controls.

The Board utilizes the services of the
Department of Innovation and Technology
(DoIT) for its Central Time and Attendance
System (CTAS), Central Payroll System (CPS),
and Enterprise Resource Planning System
(ERP).  The Board is responsible for
complying with Complementary User Entity
Controls (CUECs) identified in DoIT’s System
and Organization Controls (SOC) reports.

During testing we noted the Board did not
obtain and review the Department of
Innovation and Technology’s System and
Organization Controls (SOC) reports.

Further, during testing of nine system
changes for the Board’s critical
applications, we noted the Board had not:

• Completed change request forms for nine
(100%) changes;

• Documented change approvals for nine
(100%) changes;

• Documented the user acceptance testing for
nine (100%) changes; and

• Implemented segregation of duties by not
having the same personnel developing and
deploying the changes for nine (100%)
changes. (Finding 3, pages 19-21)

We recommended the Board implement adequate
change management controls. Further, we
recommended the Board obtain DoIT’s SOC
reports and document their review, monitor
and document the operation of CUECs related
to the Board’s operations, either obtain and
review SOC reports for subservice
organizations or perform alternative
procedures to satisfy itself that the
existence of the subservice organization
would not impact its internal control
environment, and document the review of the
SOC reports and all significant issues with
subservice organizations to ascertain if a
corrective action plan exists and when it
will be implemented, any impact to the
Board, and any compensating controls.

Board officials accepted the finding and
indicated the SOC reports were received and
reviewed by the appropriate staff members
and any corresponding recommendations were
implemented in a timely fashion;
nevertheless, these actions
were not properly documented in accordance
with the standards stated above.  Board
officials further indicated  the Board’s IT
department has been in a state of expansion
during the audit period, beginning with
three members and soon being six at the
close of this fiscal year. Finally, Board
officials stated with only a single
developer on-staff at its disposal
throughout this audit period, the Board
agreed with the finding.

INADEQUATE CONTROLS OVER OFFICERS’ TRAINING

The Board did not maintain adequate internal
controls to ensure each officer completed
the required trainings within the mandated
time frame.

During testing of the newly appointed
officers’ training records, we noted seven
of 50 (14%) officers failed to complete the
required trainings within six months of
hiring. For these officers, the Board was
unable to provide copies of the waivers
issued extending the period for complying
with the training requirements. Due to this
condition, we were unable to conclude
whether the extensions were for good and
justifiable reasons. (Finding 10, pages
37-38)

We recommended the Board strengthen its
controls over officers’ training by ensuring
each officer timely complete trainings as
required by the Act.

Board officials accepted the finding and
indicated they would take all necessary
steps to implement the recommendations in a
timely manner.  Board officials further
indicated that to ensure officers complete
training on time, the Board would implement
a system of timely reminders and
notifications.  Finally, Board officials
stated officers will receive advance notice
of upcoming training deadlines, and follow-
up reminders will be sent to ensure
completion.

OTHER FINDINGS

The remaining findings pertain to voucher
processing weaknesses, inadequate controls
over awards and grants, inadequate controls
over vehicles, inadequate controls over
personal services, inadequate controls over
reconciliations, lack of required board
members, inadequate controls over
telecommunication devices, noncompliance
with Police Training Act, and weaknesses in
cybersecurity programs and practices. We
will review the Board’s progress towards the
implementation of our recommendations in our
next State compliance examination.

ACCOUNTANT’S OPINION

The accountants conducted a State compliance
examination of the Board for the two years
ended June 30, 2024, as required by the
Illinois State Auditing Act. The accountants
qualified their report on State compliance
for Findings 2024-001, 2024-002, and
2024-003.  Except for the noncompliance
described in these findings, the accountants
stated the Board complied, in all material
respects, with the requirements described in
the report.

This State compliance examination was
conducted by Roth & Co., LLP.

COURTNEY DZIERWA
Division Director

This report is transmitted in accordance
with Section 3-14 of the Illinois State
Auditing Act.

FRANK J. MAUTINO
Auditor General

FJM:vrb