REPORT DIGEST

 

ILLINOIS CRIMINAL JUSTICE INFORMATION AUTHORITY

 

 COMPLIANCE EXAMINATION

For the Two Years Ended:

June 30, 2005

 

Summary of Findings:

 

Total this audit                        3

Total last audit                        3

Repeated from last audit         2

 

 

Release Date:

March 2, 2006 

 

State of Illinois

Office of the Auditor General

WILLIAM G. HOLLAND

AUDITOR GENERAL

 

To obtain a copy of the Report contact:

Office of the Auditor General

Iles Park Plaza

740 E. Ash Street

Springfield, IL 62703

(217) 782-6046 or TTY (888) 261-2887

 

 

This Report Digest is also available on

the worldwide web at

http://www.state.il.us/auditor

 

 

 

 

 

 

 

 

SYNOPSIS

 

¨      The Authority has not developed a formal comprehensive disaster contingency plan to allow for timely continuance of critical computer services.

 

¨      The Authority did not maintain proper file documentation with respect to the reporting requirements stated in the Motor Vehicle Theft Prevention Grant documents.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

{Expenditures and Activity Measures are summarized on the reverse page.}

 


ILLINOIS CRIMINAL JUSTICE INFORMATION AUTHORITY

 COMPLIANCE EXAMINATION

For The Two Years Ended June 30, 2005

 

EXPENDITURE STATISTICS

FY 2005

FY 2004

FY 2003

·        Total Expenditures (All Funds)..............

$70,808,294

$63,314,065

$85,194,319

      OPERATIONS TOTAL............................

$4,425,675

$4,644,211

$6,096,139

            % of Total Expenditures......................

6.3%

7.3%

7.2%

 

 

 

 

            Personal Services................................

$1,998,332

$2,254,522

$2,496,342

               % of Operations Expenditures...........

45.2%

48.5%

41.0%

               Average No. of Employees(1).............

82

76

82

 

 

 

 

            Other Payroll Costs (FICA,

            Retirement).........................................

 

$600,820

 

$519,322

 

$598,899

               % of Operations Expenditures...........

13.6%

11.2%

9.8%

 

 

 

 

            Contractual Services............................

$102,564

$402,888

$705,074

               % of Operations Expenditures...........

2.3%

8.7%

11.6%

 

 

 

 

            All Other Operations Items..................

$1,723,959

$1,467,479

$2,295,824

               % of Operations Expenditures...........

38.9%

31.6%

37.6%

 

 

 

 

      GRANTS TOTAL....................................

$66,382,619

$58,669,854

$79,098,180

            % of Total Expenditures......................

93.7%

92.7%

92.8%

·         Cost of Property and Equipment.............

$6,142,869

$6,113,716

$5,565,055

(1)   Excludes contractual employees:  ’05 - 8; ’04 - 21; ’03 - 14.

 

SELECTED ACTIVITY MEASURES

FY 2005

FY 2004

FY 2003

·         Police Information Management System, Area-Wide Law Enforcement Radio Terminal System, or Automated Law Enforcement Communications System:

 

 

 

           Users

350

350

319

           User fees expended

$2,338,100

$2,029,200

$2,881,800

·         Cash Receipts (All Funds)

$67,023,203

$63,527,899

$69,409,295

                                                                      

 

 

 

 

AGENCY DIRECTOR(S)

      During Audit Period:  Lori Levin

      Currently:  Lori Levin

 

 



 

 

 

 

 

 

 

Failure to develop a formal comprehensive disaster contingency plan for its computer systems

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Documentation was missing from all 8 files

 

 

 

FINDINGS, CONCLUSIONS, AND RECOMMENDATIONS

 

DISASTER CONTINGENCY PLAN WEAKNESS

     

      The Authority has not developed a formal comprehensive disaster contingency plan to allow for timely continuance of service to police users, or the users of the local area network at the Authority. 

 

      The Authority has not identified key components of a contingency plan, such as a recovery site and procurement of replacement equipment and defined personnel assignments in the event of a disaster.  Furthermore, the Authority does not have an alternative power source to safeguard against data loss in the event of a power failure.  In the event of a major catastrophe, the Authority would be unable to fulfill its mission. This finding has been repeated since 1987.

 

      One of the Authority’s critical system applications is to provide local law enforcement officers the ability to retrieve information from their patrol cars relating to the current status of any driver’s license or vehicle in the State of Illinois.  The loss of computer services would make these services unavailable. (Finding 1, pages 8-10)

 

      We recommended the Authority develop a comprehensive disaster contingency plan to address issues relevant to the continuance of services to users.     

 

      Authority officials agreed with our recommendation and stated that they are exploring two possible options, but both options would require funding approval. (For previous agency response, see Digest Footnote 1.)

 

INADEQUATE MONITORING WITH REQUIREMENTS OF THE MOTOR VEHICLE THEFT PREVENTION TRUST FUND

 

      The Authority did not maintain proper file documentation with respect to the reporting requirements stated in the Motor Vehicle Theft Prevention Grant documents.  In addition, some grantees did not comply with the requirements set forth in the grant agreement.

 

     

      Our examination of 8 grants that had been finalized during the testing period revealed that Authority personnel did not maintain a statement from the grantee concerning the grantee’s annual audit requirement.  Documentation from the grantee was missing from all 8 files as follows:

 

·        4 of 8 files were missing a final performance report

 

·        4 of 8 files did not include a final inventory report

 

·        4 of 8 final fiscal reports were not date stamped upon receipt  (Finding 2, pages 11-12)

 

      We recommended that the Authority adequately monitor its grantees and maintain complete and accurate grant files with all of the necessary supporting documentation in accordance with the grant agreements. 

 

      Authority management accepted the finding and recommendation and stated that they will continue to monitor their grantees and maintain more complete and accurate grant files.

 

OTHER FINDING

 

      The remaining finding is less significant and is reportedly being given attention by Authority management.  We will review progress toward implementation of our recommendations in our next audit. 

 

      Authority responses to the recommendations were provided by Ted Miller, Associate Director, Fiscal Management.

 

 

 

 

 

 

 

AUDITORS’ OPINION

 

      We conducted a compliance attestation examination of the Illinois Criminal Justice Information Authority for the two years ended June 30, 2005 as required by the Illinois State Auditing Act.  We have not audited any financial statements of the Authority for the purpose of expressing an opinion because the Authority does not, nor is it required to, prepare financial statements.

 

 

 

____________________________________

WILLIAM G. HOLLAND, Auditor General

 

WGH:TLK:pp

 

 

SPECIAL ASSISTANT AUDITORS

     

      Our special assistant auditors were Duffner & Company, P.C.

 

 

DIGEST FOOTNOTES

 

#1 DISASTER CONTINGENCY PLAN WEAKNESS - Previous Agency Response

 

2003:     “Agree.  The Authority accepts this finding.  The majority of our past requests for funding for disaster recovery have not been approved.  At present, the Authority still relies a great deal on Hewlett Packard’s HP3000 platform to run its law enforcement applications.  This computing platform is expensive to operate and maintain and will soon become obsolete.  Additionally, it requires disaster recovery services that are costly and difficult to implement given the Authority’s budget.  During the audit period, the Information Systems Unit has been engaged in activities that will enhance the potential to implement disaster recovery solutions.  The activities described below will lead to complete replacement of the HP platform systems and should lead to operational savings that can significantly offset the costs of much needed business continuity and disaster recovery services for our systems.  Most of these efforts are scheduled to be completed by the end of FY 2004 and will lead to completely new law enforcement applications and improved service to police agencies.

 

              The objectives and current activities are as follows:

 

              Eliminate reliance on expensive and obsolete technologies.

              Improve the quality of application services to police and emergency services agencies.

              Reduce the overall costs of providing application services.

              Implement business continuity and disaster recovery services.

 

              Most activities to rewrite existing information systems to run on lower cost Windows-based platforms have been completed, and our users are currently being moved to the new ALERTS.Net and PIMS.Net systems, with ALECS to follow later in FY04.  In addition, the Authority has employed SunGuard Planning Solutions to assist in developing a network recovery plan.  This effort has resulted in the development of a recovery strategy that is currently under consideration.

 

              Additional funding and approval will be necessary to continue our current efforts.”