Illinois Department of Natural Resources 2000 Audit

REPORT DIGEST

DEPARTMENT OF NATURAL RESOURCES

FINANCIAL AND COMPLIANCE AUDIT

For the Year Ended:
June 30, 2000

Summary of Findings:

Total this audit 10
Total last audit 14
Repeated from last audit 2

Release Date:
April 26, 2001

State of Illinois
Office of the Auditor General

WILLIAM G. HOLLAND

AUDITOR GENERAL

To obtain a copy of the Report contact:
Office of the Auditor General
Attn: Records Manager
Iles Park Plaza
740 E. Ash Street
Springfield, IL 62703

(217)782-6046 or TDD (217) 524-4646

This Report Digest is also available on
the worldwide web at
http://www.state.il.us/auditor

SYNOPSIS

The Department did not prepare certain expenditure reports in a timely manner resulting in financial reporting delays.

The Department did not maintain necessary records to monitor unemployment benefits paid by the State.

The Department did not calculate accumulated leave records accurately.

The Department did not establish adequate security controls over its computer resources.

{Expenditures and Activity Measures are summarized on the next page.}

DEPARTMENT OF NATURAL RESOURCES
FINANCIAL AND COMPLIANCE AUDIT
For the Year Ended June 30, 2000

	FY 2000	FY 1999
Total Expenditures (All Appropriated Funds) OPERATIONS TOTAL % of Total Expenditures Personal Services % of Operations Expenditures Average No. of Employees: Regular Part-time Other Payroll Costs (FICA, Retirement) % of Operations Expenditures Contractual Services % of Operations Expenditures All Other Operations Items % of Operations Expenditures GRANTS, REFUNDS, OTHER % of Total Expenditures Cost of Property and Equipment (in thousands)	$282,758,664 $115,025,946 40.7% $69,728,153 60.6% 2,123 429 $17,491,698 15.2% $14,055,721 12.2% $13,750,374 12.0% $167,732,718 59.3% $759,820	$241,113,970 $106,083,360 44.0% $64,802,913 61.1% 2,043 449 $16,153,978 15.2% $13,519,876 12.7% $11,606,593 11.0% $135,030,610 56.0% $721,296

SELECTED ACTIVITY MEASURES (Unaudited)	FY 2000	FY 1999
Acreage owned and managed Site Attendance (In Thousands) Protected Natural Area Acreage Hunting Licenses Issued Fishing Licenses Issued Deer Permits Issued Law Enforcement Citations/Warning Issued Students Certified in Safety Education Classes Boating Hunting Snowmobile Trapping	402,302 43,506 63,821 312,807 781,340 612,353 16,147 3,875 15,189 1,235 165	406,100 42,144 58,550 313,693 775,685 523,000 27,800 3,872 12,962 1,178 197

AGENCY DIRECTOR

During Audit Period: Brent Manning
Currently: Brent Manning

Delays in preparation and submission of GAAP reporting packages and financial statements

Non-employee received compensation totaling $279

Twenty percent of leave records contained mathematical errors

Inadequate security controls over computer equipment valued at approximately $8.5 million

FINDINGS, CONCLUSIONS, AND RECOMMENDATIONS

FINANCIAL REPORTING DELAYS

The Department's reports of programmatic expenditure information were not prepared on a timely basis causing financial reporting delays.

The Department utilizes a programmatic accounting system (PAS) to capture information necessary to prepare Generally Accepted Accounting Principle (GAAP) reporting packages for the State Comptroller and departmental financial statements. However, the reports generated from the PAS are generally not available until 45 to 50 days after the end of the accounting period.

Department personnel attributed the delay in PAS report preparation and submission of GAAP reporting packages to insufficient personnel resources and the late submission of programmatic timesheets by Department employees.

An important element of internal control is the timely review, reconciliation and reporting of accounting data. (Finding 1, pages 12-13)

We recommended the Department review, and revise as necessary, its current system of gathering programmatic expenditure information to improve the timeliness of its financial reporting. Also, GAAP reporting packages and financial statements should be prepared in a timely manner.

Department officials agreed with our recommendation and stated they will evaluate the current process used to report programmatic cost information and will explore alternatives to improve the timeliness of this information. In addition, the Department will work to improve the timely submission of GAAP packages and financial statements.

LACK OF SUPPORTING DOCUMENTATION AND CONTROLS OVER MONITORING UNEMPLOYMENT CLAIMS

The Department did not maintain necessary records to adequately monitor unemployment benefits paid by the State. The State paid unemployment benefits of approximately $204,252 to Department employees. We selected 25 unemployment claims for testing and noted the following:

19 of 25 (76%) "Notice of Claim to Chargeable Employer or Other Interested Party" forms (BIS-032) could not be located by the Department.

One of the six BIS-032 forms obtained was not reviewed within the required ten-day review period. The form was reviewed 19 days late.

One of 25 (4%) persons paid unemployment compensation totaling $279 was not an employee of the Department.

We also noted there was no supporting documentation indicating the Department reviewed the FY00 quarterly "Statement of Amount Due for Benefits Paid" (BEN-118R) reports sent by the Illinois Department of Employment Security (IDES) within the required 20 day period.

IDES rules and the Illinois Unemployment Insurance Act establish the procedures which the Department must follow regarding unemployment claims. In addition, the Department has its own Unemployment Compensation policies and procedures. (Finding 2, pages 14-15)

We recommended Department employees comply with Department and IDES rules and the Unemployment Insurance Act. Also, the Department should maintain appropriate documentation to support their reviews and decisions on unemployment benefit claims filed and benefits paid.

Department officials agreed with our recommendation and stated they have transferred responsibility for the review of unemployment compensation to their Office of Human Resources who have met with officials from the IDES to familiarize themselves with unemployment claim requirements. In addition, procedures will be developed and implemented during FY2001 to ensure appropriate supporting documentation is maintained for the Department’s review of unemployment compensation claims.

INACCURATE ACCUMULATED LEAVE RECORDS

The Department did not calculate leave records accurately. During our testing, we noted 19 of 96 (20%) accumulated leave records contained mathematical errors. The errors resulted in inaccuracies in accumulated leave time.

The Department’s Timekeeping Handbook requires the timekeepers make all entries in a timely fashion and ensure all accumulated leave calculations are correct. In addition, good business practice requires the Department maintain a system to accurately calculate the accumulated leave balance for each employee. (Finding 3, page 16)

We recommended the Department maintain accurate leave records for all employees. Specifically, the Department should recalculate accumulated leave records to ensure the original calculation is accurate.

Department officials agreed with our recommendation and stated they will remind all timekeepers and supervisors of the need to ensure the accuracy of mathematical calculations on accumulated leave records. In addition, the Department will perform additional audits and reviews of leave records to verify the accuracy of such calculations.

INADEQUATE SECURITY CONTROLS

The Department did not have adequate security controls for its computer resources.

During our review, we noted the following weaknesses:

Comprehensive department-wide information technology and physical security policies and procedures, including a security awareness program did not exist.
Physical security was not consistently enforced or monitored.
Network rooms at various locations were not locked at all times and some computer network servers were located in unsecure rooms.
Environmental control and detection devices were not always employed and/or maintained.
Network security defaults were not consistent and in some instances were not employed.

Adequate physical and logical security over the Department’s resources would assist the Department in assuring its critical computer resources are adequately secured. In addition, documented comprehensive department-wide security policies and procedures would assist the Department in assuring staff responsible for monitoring and enforcing security are aware of their responsibilities, as well as ensuring that security policies and procedures are consistent among locations. (Finding 10, pages 23-24)

We recommended the Department establish and distribute to each location comprehensive information technology security policies and procedures. In addition, the Department should restrict access to all network servers, update their Internet policies and procedures to provide controls over Internet access, and review their network security defaults.

Department officials agreed with our recommendation and stated a Department-wide evaluation of the security risks of its computer resources and information technology functions will be performed and formal policies and procedures will be developed. In addition, on-going security awareness programs for Department employees will be established as part of these policies and procedures.

OTHER FINDINGS

The remaining findings were less significant and are being given attention by the Department. We will review progress towards the implementation of our recommendations in our next compliance audit.

Mr. Brad Hammond, Chief Internal Auditor for the Department, provided the responses.

AUDITORS’ OPINION

Our auditors stated the Department’s financial statements of the non-shared funds, as of and for the year ended June 30, 2000, are fairly stated in all material respects.

____________________________________

WILLIAM G. HOLLAND, Auditor General

WGH:JSC:pp

AUDITORS ASSIGNED

This audit was performed by the staff of the Office of the Auditor General.