DEVELOPMENT CALIFORNIA STATE UNIVERSITY, FULLERTON. Report Number January 31, 2002


DEVELOPMENT
CALIFORNIA STATE UNIVERSITY, FULLERTON
Report Number 01-28
January 31, 2002

Members, Committee on Audit
Shailesh J. Mehta, Chair
Daniel N. Cartwright
Murray L. Galinson
Harold Goldwhite
Ricardo F. Icaza
Frederick W. Pierce, IV

Staff
University Auditor: Larry Mandel
Senior Director: Janice Mirza
Audit Manager: Nate Clark
Internal Auditor: John Stegall

BOARD OF TRUSTEES
THE CALIFORNIA STATE UNIVERSITY

CONTENTS

INTRODUCTION
    Purpose ... 1
    Scope and Methodology ... 1
    Background ... 2
    Opinion ... 3
    Executive Summary ... 4

OBSERVATIONS, RECOMMENDATIONS, AND CAMPUS RESPONSES
    Cash and Noncash Gift Administration and Control ... 6
        Gifts-In-Kind ... 6
    Fund Expenditure Control and Donor Restrictions ... 7
        Employee Expense Reimbursements ... 7
        Segregation of Duties ... 9
    Reporting, Record Keeping, and Inventory Control ... 10
        Annual Report ... 10
        Donor Records ... 12
        System Access Security ... 12
        Gift Policy Committee ... 13

APPENDICES
    APPENDIX A: Personnel Contacted
    APPENDIX B: Campus Response
    APPENDIX C: Chancellor's Acceptance

ABBREVIATIONS
    CAE: Council for Aid to Education
    CASE: Council for Advancement and Support of Education
    CSU: California State University
    CSU Fullerton: California State University, Fullerton
    G-I-K: Gift(s)-In-Kind
    SAM: State Administrative Manual
    UAF: University Advancement Foundation
    VSE: Voluntary Support of Education

INTRODUCTION

PURPOSE

Our overall audit objective was to ascertain the effectiveness of existing policies and procedures related to the administration of development activity and to determine the adequacy of controls over the related processes to ensure compliance with relevant governmental regulations, Trustee policy, Office of the Chancellor directives, and campus procedures.

Within the overall audit objective, specific goals included determining whether:

- Administration and management of development activity provide an effective internal control environment; adequate development administrative plans, policies, and procedures; and monitoring of goal attainment.
- Cash and noncash gifts are adequately controlled, sufficiently safeguarded, and properly accounted for and noncash gifts are properly valued.
- Donations are properly processed and acknowledged and the donor administrative system is reconciled to campus/foundation accounting records.
- Donor pledges are adequately controlled, properly reported, followed up, and written off when deemed uncollectible.
- Expenditures are reasonable, adequately supported, and properly authorized and comply with university policies and donor intentions.
- Reportable charitable contribution information is complete, accurate, and supportable.
- Donor files and automated donor system information assets are adequately safeguarded and reasonably secure.
- Development activities comply with relevant gift tax reporting requirements, federal and state regulations, and Trustee and California State University (CSU) policy, including the CSU Gifts of Software Policy and Procedure.

SCOPE AND METHODOLOGY

This review emphasized, but was not limited to, compliance with state and federal laws, Board of Trustee policies, and Office of the Chancellor and campus policies, letters, and directives. At California State University, Fullerton (CSU Fullerton), university advancement has overall responsibility for development activity.

Our primary focus involved the internal administrative, compliance, and operational controls over the management of the campus fundraising function. Specifically, we reviewed and tested:

- Administrative plans, policies, procedures, and monitoring tools.
- Procedures for controlling, processing, and safeguarding cash and noncash contributions.
- Donation solicitation and acknowledgement practices.
- Valuation of nonmonetary and marketable securities donations.
- Gift recording and reconciliation between development and campus/foundation accounting records.
- Procedures for controlling, authorizing, and processing expenditures of donated funds.
- Preparation of reports on development activity.
- Data security, disaster recovery, and backup procedures.

BACKGROUND

As a result of a systemwide risk assessment conducted by the Office of the University Auditor during the last quarter of 1999, the Board of Trustees, at its January 2001 meeting, directed that Development be reviewed. The proposed scope of the audit as presented in Attachment B, Agenda Item 2 of the January 23-24, 2001, meeting of the Committee on Audit, stated that Development includes university advancement and fundraising. Potential impacts include inadequate nonstate funding; acceptance of gifts that are inconsistent with public policy; erroneous valuation of nonmonetary gifts; noncompliance with Internal Revenue Service regulations; use of funds that conflict with donor intentions or are potential violations of trust arrangements; and inaccurate reporting of donations and development activity. Development was previously audited in 1995.

Advancement is defined in Educational Fund Raising Principles and Practices as all activities and programs undertaken by an institution to develop understanding and support from all its constituencies in order to achieve its goals in securing such resources as students, faculty, and dollars. These activities and programs include alumni affairs, internal/external communications, government and public relations, enrollment management, and fund raising. This last activity, i.e., fund raising, also known as Development, is an important component of institutional advancement and is the focus of the subject audit.

Development is defined as a sophisticated process, which includes a number of stages and operational steps. In very broad terms, the process begins with the institution's academic plan from which specific financial needs and fundraising goals are derived. The next stage includes the identification of gift-giving prospects and the development of programs to cultivate prospect interest in the institution and its needs. Once these initial steps are completed, the institution can begin thinking about fundraising and stewardship, which is the process of carrying out the purposes of the gift and maintaining an effective communication link with the donor.

In recent years, it has become apparent to the CSU Board of Trustees, the chancellor's office, and campus executives that to meet the CSU goals of access to higher education, enhanced educational quality, financial stability, and university accountability, there was an ever-increasing need to supplement state support by growing and strengthening the university advancement function at all 23 campuses. To meet these goals, the Board of Trustees challenged the university presidents to generate external support funding that equaled or exceeded 10 percent of the prior year's net General Fund budget. The total CSU General Fund budget for fiscal year 1998/1999 was $1,961,297,342. For fiscal year 1999/2000, 18 of the 23 campuses met or exceeded the 10-percent goal by generating $304,746,126 in voluntary support (gifts from corporations, foundations, alumni, parents, and others) and special revenue (sponsorships, endowment income, and other income). For this same period, CSU Fullerton reported $14,530,400 in external support, equaling approximately 13 percent of their 1999/2000 net General Fund budget of $113,171,227.

OPINION

We visited the CSU Fullerton campus from August 13, 2001, through August 29, 2001, and audited the procedures in effect at that time.

In our opinion, the administration and management of development activities were adequate to ensure a viable fundraising function except for fundraising reporting, donor notification of administrative fees, and disbursement controls. For the most part, university advancement was in compliance with federal and state regulations in addition to chancellor's office and local directives. Areas in need of improvement are referenced in the executive summary.

EXECUTIVE SUMMARY

The purpose of this section is to provide management with an overview of conditions requiring their attention. Areas of review not mentioned in this section were found to be satisfactory. Numbers in brackets [ ] refer to page numbers in the report.

CASH AND NONCASH GIFT ADMINISTRATION AND CONTROL [6]

GIFTS-IN-KIND [6]

Gifts-in-kind (G-I-K) processing and reporting was in need of improvement. Approved and effectively communicated operating policies and procedures assure that authorized and/or necessary tasks are performed and decrease the chance that time is not allocated to minimal or nonexistent risks.

FUND EXPENDITURE CONTROL AND DONOR RESTRICTIONS [7]

EMPLOYEE EXPENSE REIMBURSEMENTS [7]

Personal credit cards were inappropriately used to pay for expenses funded by donations, and the University Advancement Foundation (UAF) practice of allowing payments to credit card companies on behalf of employee personal accounts was inappropriate. Expenses and vendor payments funded by donations are better controlled when personal credit card use is limited and payments to personal credit card accounts are prohibited.

SEGREGATION OF DUTIES [9]

Disbursement processing duties were not adequately segregated. An adequate separation of duties increases the chance that errors and irregularities will be prevented or detected.

REPORTING, RECORD KEEPING, AND INVENTORY CONTROL [10]

ANNUAL REPORT [10]

The fundraising efforts reported in the 1999-2000 Special Revenue Report (i.e., sponsorships and endowments) and Voluntary Support of Education (VSE) survey were either misstated or overstated. Consistent adherence to system and Council for Advancement and Support of Education (CASE) reporting standards decreases the risk of incorrect reporting and facilitates comparison of external funding achievement among California State University (CSU) campuses.

DONOR RECORDS [12]

File cabinets that store donor records were not adequately secured after hours. Adequately secured donor files help safeguard and preserve university information assets.

SYSTEM ACCESS SECURITY [12]

The system access controls that force users to periodically change their passwords, disable the system after a preset number of unsuccessful sign-on attempts, and time-out the system after a period of terminal inactivity were not enabled. Additionally, an effective system was not in place that would assure that terminated/transferred employees' system access privileges were revoked in a timely manner. Establishing and ensuring adequate system access and security controls safeguard the preservation and confidentiality of university advancement information assets.

GIFT POLICY COMMITTEE [13]

The campus had not established a software gift policy committee. Establishing a software gift policy committee decreases the risk of acceptance of questionable software and/or valuation errors.

OBSERVATIONS, RECOMMENDATIONS, AND CAMPUS RESPONSES

CASH AND NONCASH GIFT ADMINISTRATION AND CONTROL

GIFTS-IN-KIND

Gifts-in-kind (G-I-K) processing and reporting was in need of improvement.

We found that:

- G-I-K acceptances were not consistently approved in advance by an official campus designee.
- G-I-K valuations were determined by the donors and accepted by the campus.
- G-I-K acknowledgment letters included a valuation amount.
- The campus property coordinator was not always notified when G-I-K were received.
- G-I-K draft policies and procedures had not been finalized.

University advancement draft policies and procedures state that G-I-K are not officially accepted by the university until the vice president of university advancement approves and signs the G-I-K acceptance form. They further state that G-I-K should be valued by the university without regard to the donor's personal estimation of the gift's value. Also, it is the campus policy to exclude the listing of a dollar value of a gift in the thank-you letter. Per university advancement procedures, copies of the G-I-K acceptance forms are forwarded to property management to determine if the gift needs to be tagged and/or inventoried.

The executive director of university advancement stated that the advancement office had limited written G-I-K policies and procedures in effect during the audit period.

Failure to properly process and report G-I-K increases the risk of misstatement of fundraising activities.

Recommendation 1

We recommend that the campus ensure that:

a. G-I-K acceptances are approved in advance by an official campus designee.
b. G-I-K valuations for campus records be determined by the campus.
c. G-I-K acknowledgment letters not include a valuation amount.
d. The campus property coordinator be notified when G-I-K are received.
e. Draft G-I-K policies and procedures be finalized.

Campus Response

We concur with the recommendation. The University is currently implementing a comprehensive gift acceptance policy that applies to all gifts other than cash and marketable securities. The policy was submitted to the president and his advisory board for approval on April 8. The anticipated implementation date is June 1, 2002, or sooner. In this policy and the related procedures, all of the findings in the audit report related to gifts-in-kind are addressed.

Until the university's Gift Acceptance Policy is formally adopted, the following has been implemented as interim procedures:

- Gifts-in-kind are reviewed by the executive director of advancement service to ensure proper acknowledgement.
- The value assigned to all gifts-in-kind received this fiscal year will be reviewed by the Gifts Acceptance Committee after the gift acceptance policy is formally adopted.
- While the intent is not to include a valuation of a gift-in-kind in an acknowledgement letter if a qualified appraisal is not available, some donors request an amount be specified. If requested by the donor, we will include the value of the gift in the acknowledgement, but state that the value was determined by the donor. The institution takes no responsibility for the value amount.
- The campus property coordinator is notified on a timely basis of all gifts-in-kind.

FUND EXPENDITURE CONTROL AND DONOR RESTRICTIONS

EMPLOYEE EXPENSE REIMBURSEMENTS

Personal credit cards were inappropriately used to pay for expenses funded by donations, and the University Advancement Foundation (UAF) practice of allowing payments to credit card companies on behalf of employee personal accounts was inappropriate.

A sample selection and review of 30 travel and entertainment disbursements made during fiscal year 2000/2001 disclosed the following:

Expense Date: 8/29/00
Amount: $23,253.69
Expense: Hotel billing - Arizona Debate
Comments: A campus employee paid the entire hotel bill for both campus and noncampus participants attending the event with a personal credit card. Payment was made by the UAF directly to the employee's personal credit card account.

Expense Date: 11/10/00
Amount: $2,780.11
Expense: Gifts, reception, hotel billing - Alumni Event
Comments: A campus employee used her personal credit card to pay for reception costs and hotel expenses at an alumni gathering. Payment was made by the UAF directly to the employee's personal credit card account.

Expense Date: 10/12/00
Amount: $840
Expense: Office Furniture
Comments: Payment was made by the UAF directly to the employee's personal credit card account.

Expense Date: 4/3/01
Amount: $909.50
Expense: Airfare - Conference
Comments: A refund was issued to a separated employee for the cost of nonrefundable tickets purchased with a personal credit card to attend a conference, but were never used. The UAF did not confirm that the ticket was not used or that it could be used to offset future employee travel.

Title 5 §42401 and §42402 indicate that the campus president shall require that auxiliary organizations operate in conformity with the policy of the Board of Trustees and the campus. One of the objectives of the auxiliary organizations is to provide fiscal procedures and management systems that allow effective coordination of the auxiliary activities with the campus in accordance with sound business practices.

Sound business practice mandates that adequate controls be established for the use of personal credit cards and the issuance of payments to vendors.

The UAF managing director indicated that the practice of permitting use of personal credit cards and issuing payments to personal credit card accounts of employees was inherited from the prior advancement office management.

Use of personal credit cards does not provide the appropriate level of controls for expenses funded by donations. Internal controls are compromised when payments are made directly to employee personal credit card accounts in lieu of issuing reimbursements for fundraising expenses incurred.

Recommendation 2

We recommend that the UAF establish, and implement, policies that limit the use of personal credit cards to pay for expenses funded by donations and prohibit payment to employee personal credit card accounts.

Campus Response

We concur with the recommendation. Several steps have been taken to address this issue:

- Procedures have been implemented to prohibit direct payment to credit card companies for personal accounts.
- Consistent with university procedures, most development-related state expenditures are now being processed using a university procurement card.
- In certain cases where cultivation-related expenditures are not permitted to be processed through the state, certain administrators have been issued UAF corporate credit cards for this purpose.

SEGREGATION OF DUTIES

Disbursement processing duties were not adequately segregated.

Our review and evaluation of the UAF disbursement process disclosed that the foundation accountant's responsibilities included reviewing and approving check requests in addition to receiving and distributing vendor checks.

Title 5 §42401 and §42402 indicate that the campus president shall require that auxiliary organizations operate in conformity with the policy of the Board of Trustees and the campus. One of the objectives of the auxiliary organizations is to provide fiscal procedures and management systems that allow effective coordination of the auxiliary activities with the campus in accordance with sound business practices.

Sound business practice mandates that policy and procedures be established to ensure the appropriate segregation of duties and responsibilities.

The California State University, Fullerton (CSU Fullerton) Foundation's director of finance and administration and the executive director of university advancement stated that the size of the UAF accounting staff makes it difficult to separate all duties to ensure good internal control. They further advised that the reason for sending the prepared checks back to the UAF accountant was to reduce processing confusion.

Inadequate separation of duties increases the risk that errors and irregularities will not be prevented or detected in a timely manner.

Recommendation 3

We recommend that the UAF management ensure appropriate segregation of accounting duties or establish effective mitigating controls.

Campus Response

We concur with the recommendation. The day-to-day procedures have been changed to ensure that the accountant will no longer have discrete access to checks after being signed under any circumstances. If the individual who is assigned the responsibility for distributing checks is not available, another individual in university advancement, other than the UAF accountant, will distribute checks.

REPORTING, RECORD KEEPING, AND INVENTORY CONTROL

ANNUAL REPORT

The fundraising efforts reported in the 1999-2000 Special Revenue Report (i.e., sponsorships and endowments) and Voluntary Support of Education (VSE) survey were either misstated or overstated.

Our review of the Special Revenue Report disclosed that:

- A $500,000 grant from the city of Fullerton was incorrectly reported as a sponsorship.
- A $6.3-million improvement by the city of Santa Ana to a building leased to the CSU Fullerton Foundation was amortized over the ten-year term of the agreement of which $630,000 was incorrectly reported as a sponsorship.
- Revenue totaling $100,000 from a Sprint Cellular contract was incorrectly reported as a sponsorship.
- Revenue totaling $491,395 from an interactive television partnership contract was incorrectly reported as a sponsorship.
- Revenue totaling $34,500 from a donation of computers by the Titan Shops to President Scholars awardees was incorrectly reported as a sponsorship.
- Revenue totaling $16,707 from a partnership between the alumni association and a national insurance company was incorrectly reported as a sponsorship.
- Revenue totaling $31,800 from an automatic teller machine service agreement was incorrectly reported as a sponsorship.

Our review of the VSE survey disclosed that:

- A charitable trust in the amount of $721,460 was reported in the wrong year.
- Pledges totaling $60,015 were reported as gifts.
- Two scholarship checks received at the CSU Fullerton financial aid office totaling $431,620 for the benefit of specific students were incorrectly reported as gifts.

Cumulatively, the campus overstated sponsorships in the amount of $1,804,657 on the 1999-2000 Special Revenue Report and overstated gifts in the amount of $1,213,095 on the 1999-2000 VSE survey.

The Special Revenue Report defines sponsorship as a specific agreement, normally in writing, between an entity of the university and a corporate outside entity whereby the corporation or organization receives an exchange of value. Examples include, but are not limited to, signage for a specific time period as a result of an agreement to give funds in support of a program(s), equipment for similar purposes, and/or the exclusive right to sell beverages (pouring rights) for a specific time period in exchange for a fee.

Council for Advancement and Support of Education (CASE) standards for reporting gifts state, in part, that:

- The gift income report should include only cash and property received as private, charitable support during the institution's fiscal year.
- Pledges should not be counted in Parts I and II of the VSE survey of annual fundraising results.
- If an individual or organization channels funds through the institution to support a student specified by the individual or organization, these funds are not gifts to the institution, and they should not be reported as gift income anywhere in the report.

The executive director of university advancement stated that the persons responsible for preparation and submittal of the 1999-2000 Special Revenue Report and VSE survey are no longer employed at the campus, and he had no explanation for the inclusion of the aforementioned amounts as sponsorships and gifts.

Inconsistent adherence to CASE and Special Revenue reporting standards increases the risk of incorrect reporting and hinders comparison of external funding achievement among California State University (CSU) campuses.

Recommendation 4

We recommend that the campus establish controls to assure that the Special Revenue Report and VSE information are in compliance with systemwide and CASE reporting standards.

Campus Response

OBSERVATIONS, RECOMMENDATIONS, AND CAMPUS RESPONSES We concur with the recommendation. All transactions identified by the audit as being improperly included in the FY2000/01 Special Revenue Report and the VSE (CAE Report) were omitted in FY2001/02. The university s fundraising results were properly reflected in the FY2001/02 reports that were submitted to the chancellor s office. In future years, the university s senior administration including the chief financial officer will review these reports to ensure that gift revenues are properly classified. DONOR RECORDS File cabinets that store donor records were not adequately secured after hours. State Administrative Manual (SAM) 20050 states that one element of a satisfactory system of internal accounting and administrative controls is a plan that limits access to state assets to authorized personnel who require these assets in the performance of their assigned duties. The executive director of university advancement stated that while the files were not locked after business hours, the outer office doors were locked and only custodial, maintenance, and security personnel have key access. Failure to adequately secure donor files jeopardizes the preservation and confidentiality of university advancement information assets. Recommendation 5 We recommend that the campus ensure that donor hardcopy files are adequately secured at the end of each business day. Campus Response We concur with the recommendation. Procedures have been implemented to lock the file cabinets containing donor files as noted in the audit finding at the end of each business day. SYSTEM ACCESS SECURITY The system access controls that force users to periodically change their passwords, disable the system after a preset number of unsuccessful sign-on attempts, and time-out the system after a period of terminal inactivity were not enabled. 
Additionally, an effective system was not in place that would assure that terminated/transferred employees' system access privileges were revoked in a timely manner.

SAM 4819.31 requires state agencies to protect the integrity of its information management capabilities and database and ensure the security and confidentiality of the information it maintains.

The director of advancement systems and services stated that forced password change control was not configured into the donor database system and would require program changes to be made. She further stated that a limit on the number of unsuccessful logons was set at 20 to 30 attempts and needed review. In addition, she stated that the nondisclosure agreement signed by employees granting system access included a requirement that all system users minimize their screens or log off the system during extended periods of terminal inactivity. Finally, she indicated that the lack of a timely notification by the human resources office resulted in untimely removal of terminated/transferred employees' system access privileges.

Failure to establish and ensure adequate system access and security controls increases the risk that university advancement information assets will be compromised.

Recommendation 6

We recommend that the campus establish or enable system controls to ensure that:

a. Passwords are periodically changed.
b. Terminals are logged out after a predetermined period of inactivity.
c. System users are logged out after a predetermined number of failed sign-on attempts.
d. Terminated and transferred employees' system access privileges are revoked in a timely manner.

Campus Response

We concur with the recommendation. A special program has been written and implemented to ensure that individuals are logged out of the donor information system after 60 minutes of inactivity and a logon ID is invalidated after five failed sign-on attempts. A comprehensive policy is substantially completed that addresses all aspects of security related to the donor system.
The procedures for periodically changing passwords and the procedures for identifying and terminating access to employees are addressed in this policy. This policy will be implemented by June 1, 2002.

GIFT POLICY COMMITTEE

The campus had not established a software gift policy committee.

The CSU Gifts of Software Policy and Procedures, dated June 1999, states that all campuses shall create a gift policy committee whose role will be to implement the systemwide policies for accepting, valuing, and reporting gifts of software and review and approve software valuations.

The executive director of university advancement stated that he was in the process of drafting a software gift policy statement and identifying campus persons to serve on the committee.

Failure to establish a software gift policy committee increases the risk of acceptance of questionable software and/or valuation errors.

Recommendation 7

We recommend that the campus establish a software gift policy committee.

Campus Response

We concur with this recommendation. The gift acceptance policy and related procedures noted in Recommendation 1 incorporate specific language related to gifts of computer software that implements the CSU Gifts of Software Policy and Procedures, dated June 1, 1999.

APPENDIX A: PERSONNEL CONTACTED

Name: Milton A. Gordon Patricia Boggs Darren Boyett Karen Bushman Pearl Cheng Julie Chung Justin Gehrls Willie Hagan Mary Jacobson Tracy Kitchel Bob May Sherri Newcomb Tom Popplewell Gail Tucker Ira Unterman

Title: President Executive Director, Alumni Relations Gift Administrator Director, Advancement Systems and Services Director, Finance and Administration, CSU Fullerton Foundation Accountant, University Advancement Foundation Managing Director, University Advancement Foundation Interim Vice President, University Advancement Associate Vice President, University Advancement Assistant Director of Development, Athletics Senior Director of Development Chief Financial Officer Executive Director, University Advancement Associate Director, Alumni Relations Director of Development