REPORT DIGEST

ILLINOIS HEALTH CARE
COST CONTAINMENT
COUNCIL

FINANCIAL AND COMPLIANCE AUDIT
For the Two Years Ended:
June 30, 1998

Summary of Findings:

Total this audit 3
Total last audit 3
Repeated from last audit 1


Release Date:
May 13, 1999


State of Illinois
Office of the Auditor General

WILLIAM G. HOLLAND
AUDITOR GENERAL

To obtain a copy of the Report contact:
Office of the Auditor General
Attn: Records Manager
Iles Park Plaza
740 E. Ash Street
Springfield, IL 62703
(217) 782-6046 or TDD (217) 524-4646

This Report Digest is also available on
the worldwide web at
http://www.state.il.us/auditor

SYNOPSIS

  • The Council did not approve vouchers totaling $219,945 within 30 days as required; approvals ranged from 4 to 303 days late.
  • The Council has not conducted a comprehensive test of its Disaster Recovery Plan. This finding has existed since 1992.
  • The Council did not prepare and submit its Service Efforts and Accomplishments Report on a timely basis.

 

 

 

{Expenditures and Activity Measures are summarized on the reverse page.}


ILLINOIS HEALTH CARE COST CONTAINMENT COUNCIL
FINANCIAL AND COMPLIANCE AUDIT
For The Two Years Ended June 30, 1998
EXPENDITURE STATISTICS

FY 1998

FY 1997

FY 1996

  • Total Expenditures (All Funds)

OPERATIONS TOTAL
% of Total Expenditures

Personal Services
% of Operations Expenditures

Average No. of Employees

Other Payroll Costs (FICA, Retirement)
% of Operations Expenditures

Contractual Services
% of Operations Expenditures

All Other Operations Items
% of Operations Expenditures


Special Studies Total
% of Total Expenditures

  • Cost of Property and Equipment

$1,253,859

$1,005,268
80%

$531,393
54%

20

$95,271
9%

$82,737
8%

$295,867
29%


$248,591
20%

$623,437

$1,239,811

$932,398
75%

$512,543
55%

20

$82,311
9%

$66,663
7%

$270,881
29%


$307,413
25%

$704,427

$1,210,798

$924,948
76%

$518,923
56%

20

$81,645
9%

$90,781
10%

$233,599
25%


$285,850
24%

$719,172
SELECTED ACTIVITY MEASURES

FY 1998

FY 1997

FY 1996

  • Special Studies Issued
  • Special Studies Receipts
  • Data Sets Issued
  • Data Sets Receipts

8
$36,690
97
$170,750

5
$35,000
139
$264,522

5
$53,500
166
$170,641
AGENCY DIRECTOR(S)
During Audit Period: Joseph A. Bonefeste
Currently: Joseph A. Bonefeste

 







Vouchers not approved within 30 days








No comprehensive test performed

























Four month delay in submitting the Report to the Comptroller’s Office

  

FINDINGS, CONCLUSIONS, AND RECOMMENDATIONS

UNTIMELY APPROVAL OF TRAVEL AND INVOICE VOUCHERS

The Council did not approve travel and invoice vouchers totaling $219,945 in a timely manner.

A total of 78 travel and invoice vouchers were not approved within 30 days as required by the Illinois Administrative Code. Approvals ranged 4 to 303 days late. (Finding 98-1, pages 14-15)

Council officials agreed with our recommendation to approve travel and invoice vouchers within 30 days in accordance with State regulations.

DISASTER RECOVERY DEFICIENCIES

The Council has not conducted a comprehensive test of the Disaster Recovery Plan to simulate the recovery of processing for the minicomputer and Local Area Network (LAN) systems.

The equipment is configured into various computer systems including minicomputers and local area networks (LANS), and the Department of Central Management Services’ mainframe systems. A variety of applications are maintained on these systems which contain critical, financially sensitive, or confidential data. These include the mission critical Uniform Billing Data and Intake systems which collect and track health care costs and other relevant patient care data from Illinois hospitals.

Disaster Recovery Plans should be tested at least annually or when changes occur in the information systems environment for the organization. Without an annual test of the Plan, there is no assurance that the Plan would function to meet the processing needs of the critical applications for the Council. (Finding 98-2, pages 16-17) This finding has been repeated since 1992.

Council officials agreed with our recommendation to perform a comprehensive test of the Disaster Recovery Plan to determine if the Plan functions as designed to meet the processing needs of the critical applications. (For previous agency responses, see Digest Footnote 1)

SERVICE EFFORTS AND ACCOMPLISHMENTS INFORMATION NOT REPORTED TIMELY

The Service Efforts and Accomplishments report required by the Comptroller’s Office was not prepared and submitted timely. The report was due October 15, 1998 and was not completed by the Council until January, 1999. (Finding 98-3, page 18)

This report provides information on the service efforts, costs, and accomplishments of the Agency in its major programs and services.

Council officials agreed with our recommendation to submit this report on a timely basis as required.

AUDITORS' OPINION

Our auditors state that the June 30, 1998 and 1997 financial statements for the Special Studies Fund are fairly presented except for the effects of such adjustments, if any, as might have been determined to be necessary had they been able to examine evidence regarding year 2000 disclosures.

____________________________________
WILLIAM G. HOLLAND, Auditor General

WGH:ROQ:ak

SPECIAL ASSISTANT AUDITORS

Our special assistant auditors for this audit were Jack Robertson & Co., Certified Public Accountants.

DIGEST FOOTNOTES

#1 DISASTER RECOVERY DEFICIENCIES - Previous Agency Responses

1996: "The Council has developed a draft disaster recovery plan which will be reviewed by CMS - BCCS. Once the plan has been reviewed and approved by CMS - BCCS, the Council will test the plan. Thereby, complying with the recommendation of the Auditor General."

1994: "The Council has been prevented by under-appropriation from correcting this material weakness. At the time of this response adequate funding for the first year of an off-site disaster recovery contract is included in the FY96 Budget. During FY96, should appropriations permit, the Council will release a Request for Information on offsite disaster recovery services and enter into a contract with an appropriate vendor."

1992: "The Council has in place a plan which is not tested and is documented only in the sense that there is a written agreement to cooperate in the event of a disaster. The Council acknowledges that this is not a satisfactory situation and that it should take steps to document and test the plan as other priorities and funding permit. The Council believes that several other factors help put the finding in perspective:

a)  Prior to FY93, all Council critical applications resided almost entirely at the CMS Central Computing Facility (CCF). While the Council documented the recovery requirement, the Council’s systems were not placed into the priority list of applications to be brought up on an interim basis should a disaster occur affecting the CCF. It is evident that Council requirements, when collated into the broader needs of all of State government, did not rank highly enough for a place to be found in the recovery plan. As such, while the arrangements made during FY93 were not sufficient for the long term, they were arguably superior to the situation which prevailed previously.

b)  Reasonable assurance of the ability of the Council to recover from a disaster involving computing equipment is an important issue. However, during FY93, the Council’s EDP staff was struggling in the face of grossly inadequate resources to convert its most critical application from CCF mainframes to a minicomputer while at the same time continuing to operate this application. Thus, the system to be recovered was changing from week to week. In this context, dedicating the resources required to provide adequately for recovery would have made it impossible to convert and operate the application."