COLUMBUS PUBLIC SCHOOLS - Columbus City Schools / …



COLUMBUS CITY SCHOOLS

BOARD OF EDUCATION

AUDIT AND ACCOUNTABILITY COMMITTEE MEETING

August 29, 2019

at

Columbus Education Center – Cabinet Room

Committee members present:

Michael Cole, Chair, Board Vice-President, Eric Brown, Board Member, Charles Saunders, Franklin University, Community Member, Ilija Vadjon, The Wendy’s Company, Community Member, Tim Grant, Parms+Company, Community Member, Gregory Jordan, Nationwide, Community Member

Others present: Talisa Dixon, Stan Bahorek, Monique Jacquet, Annett Morud, Scott Wortman, Scott Gooding, Michele VanDyke, Mike McCammon, Andrea Richardson, Brian Clymer, Chris Campbell, John DeRose, Philip Tancreti, Kevin O’Connor, Dion Brown, Terri Berchak, Carolyn Edwards, and Alissa Widman Neese.

Committee member absent: Ramona Reyes, Board Member

Chair Cole called the regular meeting of the Board of Education Audit and Accountability Committee (the Committee) to order at 3:30 p.m.

Chair Cole recognized the attendance of Committee Members: Charles Saunders, Eric Brown, Ilija Vadjon, Gregory Jordan, and Tim Grant.

Approval of Minutes

The motion to approve the minutes of the regular meeting held on June 27, 2019 was made by Member Grant and seconded by Member Brown. The Committee unanimously approved the minutes.

Committee Operations:

No Report Due

Office of Internal Audit Report

Request for Release of Audit Report(s)

Use of District Facilities Follow-up Review Overview

Mr. O’Connor presented to the Committee a brief overview of the Use of District Facilities Follow-up Review Report.

Sixteen (16) of the 18 original corrective action plans have been implemented. There are two remaining outstanding audit issues: 1) the administrative guidelines have been approved by the Superintendent this month and are waiting Neola to upload to their website. 2) Management still needs to develop proper operating procedures on the proper use of building rental income.

Mr. O’Connor, Mr. Brown (Segment Audit Manager) and the Committee engaged in further discussion regarding the Use of District Facilities Follow-up Review.

A motion to approve and release the Use of District Facilities Follow-up Review Overview was made by Member Jordan and seconded by Member Grant. The Committee was all in favor.

Office of Technology – Follow-up Status Report

Mr. Brown directed the Committee to the Office of Technology Follow-up Status Report Overview on Page 3. The initial Information Technology audit reports were approved by the CCS Audit and Accountability Committee on June 17, 2014, March 26, 2015, October 27, 2016, and August 17, 2017.

For those audits, there have been 73 recommendations that were made. Thirty-three (33) of the 73 recommendations have been implemented by management. Eighteen (18) have not been implemented and 22 corrective action plans have not been tested by OIA.

For this follow-up review OIA focused on reviewing high-rated issues identified in the previous audits. We determined that three (3) of the recommendations have been implemented and five (5) were not implemented.

Ms. VanDyke, Mr. Brown, and the Committee engaged in further discussion regarding the Use of District Facilities Follow-up Review Overview.

Member Vadjon commented that Recommendation No. 10 – “Data Security – Ongoing Vulnerability Management Program Not in Place” the language of the recommendation marked as implemented does not necessarily align with the recommendation. OIA will review the comment and report back to the Committee.

A motion to approve and release the Office of Technology Follow-up Status Report with a revision to Recommendation No. 10 – Data Security – Ongoing Vulnerability Management Program Not in Place on Page 7 was made by Member Jordan and seconded by Member Grant. The Committee was all in favor.

Grants Management Audit Report

Mr. O’Connor and Ms. Richardson were seated at the table to present the Grants Management Audit Report.

Mr. O’Connor directed the Committee to Page 3 of the Report. The Executive Summary, Audit Objectives, Audit Scope, and Background were discussed. The review period was July 1, 2017 through September 30, 2018. In three instances, transactions from FY17 were included in our testing.

The following high- and moderate-risk issues and recommendations were discussed:

Issue No. 1 – The Office of Budget & Financial Management does not have written business objectives, metrics or risk analysis to guide the Grants Management process to determine successes, avoid pitfalls, and enhance its efficiency and effectiveness.

Issue No. 2 – Internal controls could be enhanced relating to the Grants Management Process.

Mr. O’Connor, Ms. Richardson and the Committee engaged in further discussion regarding Issue No. 2. Member Jordan suggested additional information be included in the report for bullet Nos. 3 & 5 on Page 7. The Committee will revisit the audit report at the next scheduled committee meeting.

Internal Audit Activity and Dashboard Report

Mr. O’Connor presented to the Committee an update of the Internal Audit Activity and Dashboard Report.

Mr. O’Connor and the Committee engaged in discussion regarding the Issue/Recommendation Verification.

There were no additions or deletions to the FY20 Annual Audit Plan.

An ALGA team completed the OIA external assessment for the period of July 1, 2018 to June 30, 2019. The team’s external assessment concluded OIA’s internal quality control system was suitable designed and operating effectively to provide reasonable assurance of conformance with International Standards for the Professional Practice of Internal Auditing.

Legal Compliance and Risk Management Report

IT Update – Vulnerability Scan & Penetration Test / IT Director

Ms. VanDyke provided the Committee an update on the Vulnerability Scan & Penetration Test. The District engaged with MicroSolved Inc. (MSI), to perform the vulnerability assessment and penetration testing of the District’s external and internal computer networks.

These assessments were performed by the MSI Information Security Team beginning on March 20, 2019 and ending on April 1, 2019. The vulnerability scan results and summary showed there are 143 open unique findings.

Ms. VanDyke and the Committee engaged in further discussion regarding the IT Vulnerability Scan & Penetration Test.

Major Financial and Accounting Risk – Opportunity Study Update / CFO

Mr. Bahorek provided the Committee a brief update regarding the Opportunity Study that was initially presented to the Finance & Appropriation Committee (FAC).

Mr. Bahorek indicated this study grew out of one comment in an Internal Audit report indicating that the Treasurer’s Office did not have a procedures manual in place. The areas of focus were the entire scope of the Treasurer’s office.

Mr. Bahorek and the Committee engaged in further discussion regarding the Opportunity Study Update.

Ethical and Legal Compliance Report- Moved to October Meeting

Financial Reporting

Review and Comment on the Corrective Action Plans Proposed by the District Administration in Response to all Audit Findings – Puccio Report

Mr. Brown directed the Committee to AOS FY 2018 Puccio Report in their meeting packets. The report is used to track outstanding comments by the Auditor of State (AOS).

OIA determined the one report comment issued in the AOS FY 2018 Puccio Report Status “KRONOS System Supervisor Approval of Timecards”, has a low likelihood of repeating in FY 2019.

In the AOS FY 2018 Management Letter Report Status there were a total of four (4) management letter comments. Timely Deposits and Athletic Receipts Cycle were deemed a high likelihood of repeating in the AOS financial audit for FY 2019.

Adjournment

A motion to adjourn the meeting was made by Member Jordan and seconded by Member Grant. The Committee Chairperson adjourned the meeting at 5:00 p.m.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download