REPORT DIGEST

REGIONAL OFFICE OF EDUCATION #51:
MENARD AND SANGAMON COUNTIES

FINANCIAL AUDIT
FOR THE YEAR ENDED JUNE 30, 2020

Release Date:  December 15, 2021

FINDINGS THIS AUDIT:  2

CATEGORY:  NEW -- REPEAT -- TOTAL
Category 1:  0 -- 2 -- 2
Category 2:  2 -- 0 -- 2
Category 3:  0 -- 0 -- 0
TOTAL:  2 -- 0 -- 2

FINDINGS LAST AUDIT: 2

Category 1: Findings that are material
weaknesses in internal control and/or
a qualification on compliance with
State laws and regulations (material
noncompliance).
Category 2: Findings that are
significant deficiencies in internal
control and noncompliance with State
laws and regulations.
Category 3: Findings that have no
internal control issues but are in
noncompliance with State laws and
regulations.

State of Illinois, Office of the
Auditor General
FRANK J. MAUTINO, AUDITOR GENERAL

To obtain a copy of the Report
contact:
Office of the Auditor General, Iles
Park Plaza, 740 E. Ash Street,
Springfield, IL 62703
(217) 782-6046 or TTY (888) 261-2887

This Report Digest and Full Report are
also available on the worldwide web at
www.auditor.illinois.gov

SYNOPSIS

• (20-1)  The Regional Office of
Education #51 lacked adequate controls
over the review of internal controls
over external service providers.

• (20-2)  The Regional Office of
Education #51 did not have sufficient
collateral on deposits.

FINDINGS, CONCLUSIONS, AND
RECOMMENDATIONS

LACK OF ADEQUATE CONTROLS OVER THE
REVIEW OF INTERNAL CONTROLS OVER
EXTERNAL SERVICE PROVIDERS

As part of the audit process, auditors
requested Regional Office of Education
#51 (ROE) provide a population of the
service providers utilized. The ROE
was able to identify the service
provider that provides hosting and
backup services for the ROE.

The ROE is responsible for the design,
implementation, and maintenance of
internal controls, including the
controls that are outsourced to
service providers, related to
information systems and operations to
ensure resources and data are
adequately protected from unauthorized
or accidental disclosure,
modifications, or destruction.

Generally accepted information
technology guidance endorses the
review and assessment of internal
controls related to information
systems and operations to assure the
accurate processing and security of
information.

During testing, the auditors noted the
ROE had not:

• Developed a formal process for
obtaining the Service Organization
Controls (SOC) reports from the
service provider on an annual basis or
performed alternative procedures to
determine the impact of such services
on its internal control environment
prior to signing an agreement with the
service provider.
• Documented its review of each of the
SOC reports, or performed alternative
procedures, to evaluate any issues
relevant to the ROE’s internal
controls.
• Monitored and documented the
operation of the Complementary User
Entity Controls (CUECs) relevant to
the ROE’s operations.
• Obtained and reviewed SOC reports
for subservice organizations to
determine the impact on its internal
control environment.

Regional Office management indicated
they were unaware that SOC reports
should be reviewed on an annual basis
for all external service providers in
accordance with generally accepted
information technology guidance.
(Finding 20-001, pages 10a – 10b)

The auditors recommended the ROE
document if a review of controls is
required for any third-party service
providers. If required, the ROE
should:

• Obtain SOC reports associated with
outsourced systems at least annually.
• Monitor and document the operation
of the CUECs relevant to the ROE’s
operations.
• Obtain and review SOC reports for
subservice organizations to satisfy
itself that the existence of the
subservice organization would not
impact its own internal control
environment.
• Document its review of the SOC
reports, or perform alternative
procedures, to evaluate all
significant issues to ascertain if a
corrective action plan exists, when it
will be implemented, any impacts to
the ROE, and any compensating
controls.
• Review contracts with service
providers to ensure applicable
requirements over the independent
review of internal controls are
included.

ROE Response: Regional Office of
Education #51 acknowledges the finding
and will obtain SOC reports associated
with outsourced systems at least
annually and adhere to the other
recommendations in Finding No.
2020-001.

INSUFFICIENT COLLATERAL ON DEPOSITS

The Regional Office of Education #51
(ROE) did not have sufficient
collateral on deposits. As of June 30,
2020, cash balances held with various
banks exceeded Federal Deposit
Insurance Corporation (FDIC) coverage
and pledged collateral by $284,096.

The Public Funds Deposit Act (30 ILCS
225/1) gives the authorization for
deposits in excess of the federally
insured limit to be covered by pledged
collateral held by the financial
institutions’ trust departments in the
ROE’s name. In addition, prudent
business practice requires that all
cash and investments held by financial
institutions for the ROE be adequately
covered by depository insurance or
collateral.

Regional Office management indicated
they did not monitor the level of
collateral frequently enough to
determine it was at a sufficient
amount at June 30, 2020. (Finding
20-002, page 10c)

The Regional Office should
periodically monitor cash balances,
FDIC coverage, and pledged collateral
to determine all cash balances are
secured, especially around times when
large deposits are being received.
Additionally, the ROE should work with
its financial institutions to provide
sufficient collateral or enter into
agreements with its financial
institutions to have the cash balances
monitored for adequate collateral
periodically and adjusted as
necessary.

ROE Response: The Regional Office of
Education #51 acknowledges the finding
and will periodically monitor cash
balances, FDIC coverage, and pledged
collateral to determine all cash
balances are secured properly by our
financial institution.

AUDITORS’ OPINION

Our auditors state the Regional Office
of Education #51’s financial
statements as of June 30, 2020 are
fairly stated in all material
respects.

This financial audit was conducted by
the firm of Doehring, Winders & Co.
LLP.

JOE BUTCHER
Division Director

This report is transmitted in
accordance with Section 3-14 of the
Illinois State Auditing Act.

FRANK J. MAUTINO
Auditor General

FJM:JRB