Subject: Audit Report 17-37, Emergency Management, California State University, Bakersfield

Similar documents
Subject: Audit Report 16-48, Emergency Management, California State University, Fullerton

Subject: Audit Report 16-45, Emergency Management, San José State University

Any observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.

Subject: Audit Report 16-47, Emergency Management, California State University, East Bay

Subject: Audit Report 17-44, Athletics Fund-Raising, California State University, Bakersfield

Any observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.

THE CALIFORNIA STATE UNIVERSITY

Subject: Audit Report 17-31, Student Organizations, California State University, Los Angeles

Subject: Audit Report 17-29, Police Services, California State University Maritime Academy

Any observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.

Subject: Audit Report 16-14, Spartan Complex Renovation, San Jose State University

Steve Relyea 401 Golden Shore, 5th Floor Executive Vice Chancellor and

Subject: Audit Report 17-25, Cashiering, California Polytechnic State University, San Luis Obispo

Subject: Audit Report 16-13, Student Housing Phase II, California State University, Northridge

Subject: Audit Report 17-75, Extended Learning Building, California State University, Northridge

Subject: Audit Report 17-74, Taylor II Replacement Building, California State University, Chico

Any observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.

Steve Relyea Executive Vice Chancellor and Chief Financial Officer. Audit Report 18-67, Sponsored Programs Post Award, Office of the Chancellor

EMERGENCY PREPAREDNESS CALIFORNIA STATE UNIVERSITY, SAN MARCOS. Audit Report October 22, 2009

EMERGENCY PREPAREDNESS SAN FRANCISCO STATE UNIVERSITY. Audit Report September 3, 2009

Subject: Audit Report 18-16, Student Health Services, California State University San Marcos

THE CALIFORNIA STATE UNIVERSITY

SPONSORED PROGRAMS POST AWARD CALIFORNIA POLYTECHNIC STATE UNIVERSITY, SAN LUIS OBISPO. Audit Report February 4, 2014

_csu ~~cto~~ MEMORANDUM. ~ The California State University ~ OFFICE OF THE CHANCELLOR. Code: AA

EMERGENCY PREPAREDNESS CALIFORNIA STATE UNIVERSITY, CHICO. Audit Report January 7, 2010

Fall 2016 California State University CCC Roundtable. CSU Office of the Chancellor

DISASTER AND EMERGENCY PREPAREDNESS SONOMA STATE UNIVERSITY. Audit Report October 25, 2006

THE CALIFORNIA STATE UNIVERSITY

August 21, CSU Directors of Financial Aid. Interim Assistant Vice Chancellor. Final Financial Aid Database Report

THE CALIFORNIA STATE UNIVERSITY

The California State University Office of Audit and Advisory Services CSU SCHOLARSHIPS. San José State University

The California State University Office of Audit and Advisory Services CSU CLERY ACT. California State University, East Bay

University of San Francisco EMERGENCY OPERATIONS PLAN

APPLYING TO THE UNIVERSITIES

The California State University Office of Audit and Advisory Services CSU CLERY ACT. San Diego State University

The California State University OFFICE OF THE CHANCELLOR

CSU CONSTRUCTION. The California State University Office of Audit and Advisory Services. California State University, East Bay

CSU COLLEGE REVIEWS. The California State University Office of Audit and Advisory Services. California State University, Sacramento

CSU COLLEGE REVIEWS. The California State University Office of Audit and Advisory Services. California State Polytechnic University, Pomona

Dia S. Poole 401 Golden Shore, 6th Floor President Long Beach, CA cell

DISASTER AND EMERGENCY PREPAREDNESS CALIFORNIA STATE POLYTECHNIC UNIVERSITY, POMONA. Report Number October 31, 2006

Five-Year Facilities Renewal and Capital Improvement Plan (Five-Year Plan) to

CSU CONSTRUCTION. The California State University Office of Audit and Advisory Services. California State Polytechnic University, Pomona

FACILITIES MANAGEMENT CALIFORNIA STATE UNIVERSITY, CHANNEL ISLANDS. Audit Report June 12, 2012

San Francisco State University Multi-Hazard Emergency Operations Plan August Preparedness Response Recovery Mitigation

Administrative Procedure

INTERNATIONAL PROGRAMS HUMBOLDT STATE UNIVERSITY. Audit Report July 26, 2013

CSUF & Telecommuting. An analysis of the potential application of telecommuting practices at CSUF

THE CALIFORNIA STATE UNIVERSITY

NOTICE OF AVAILABILITY TIERED DRAFT ENVIRONMENTAL IMPACT REPORT FOR THE SAN FRANCISCO STATE UNIVERSITY CREATIVE ARTS & HOLLOWAY MIXED-USE PROJECT

DEVELOPMENT CALIFORNIA STATE UNIVERSITY, LOS ANGELES. Report Number November 14, 2002

Emergency Operations Plan Rev

DISASTER AND CONTINGENCY PLANNING CALIFORNIA STATE UNIVERSITY, FULLERTON. Report Number January 30, 2004

THE CALIFORNIA STATE UNIVERSITY

Trustees of the California State University. Resolutions

CONTRACTS AND GRANTS SAN DIEGO STATE UNIVERSITY. Report Number December 17, 2001

City of Santa Monica SEMS/NIMS Multi Hazard Functional Emergency Plan 2013

Emergency Preparedness Challenges Facing Long Term Care

STUDENT HEALTH SERVICES SAN JOSÉ STATE UNIVERSITY. Audit Report December 9, 2013

TUSTIN HIGH SCHOOL Senior Counseling Workshop

2.0 STANDARDIZED EMERGENCY MANAGEMENT

National Preparedness Goal Project

8.3% Transferred to university & no longer enrolled (n = 18) Figure 1. Transfer status of students who graduated with transfer degrees during

CITY OF SAN RAMON STRATEGIC PLAN FOR THE CITY OFFICE OF EMERGENCY SERVICES JANUARY 07, 2007

URBAN SHIELD OVERVIEW

Business Continuity Planning (BCP) Master Depository

AUXILIARY ORGANIZATIONS

AUXILIARY ORGANIZATIONS CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report June 18, 2014

Student Services II: Educational Opportunity Program (EOP) & Foster Youth Programs. Fall 2014 High School & Community College Counselor Conference

The EOPs do not address day-to-day operations.

Associate Degrees for Transfer Awarded in Academic Year May 2017

Welcome to the self-study Introductory Course of the:

De Anza College Office of Institutional Research and Planning

POLICE SERVICES CALIFORNIA STATE UNIVERSITY, SAN BERNARDINO. Audit Report August 11, 2008

AGENDA COMMITTEE ON CAMPUS PLANNING, BUILDINGS AND GROUNDS

CONSTRUCTION CALIFORNIA POLYTECHNIC STATE UNIVERSITY, SAN LUIS OBISPO RECREATION CENTER EXPANSION. Audit Report April 30, 2013

Tuition&Fees. InPublic HigherEducation DetailedTuition& FeesTables

% Pass. % Pass. # Taken. Allan Hancock College 40 80% 35 80% % % %

TRUSTEES OF THE CALIFORNIA STATE UNIVERSITY

PART ONE: The Basic Plan

AUXILIARY ORGANIZATIONS

AUXILIARY ORGANIZATIONS SAN FRANCISCO STATE UNIVERSITY. Audit Report July 21, 2012

University of Maryland Baltimore Emergency Management Plan Version 1.7

Emergency Operations Plan Basic Plan

FINANCIAL AID CALIFORNIA STATE UNIVERSITY, CHICO. Audit Report November 14, 2011

CONSTRUCTION CALIFORNIA STATE UNIVERSITY, SAN BERNARDINO COLLEGE OF EDUCATION. Audit Report January 4, 2010

Emergency Operations Plan

CSUPERB Proposal Writing Workshop

AGENDA COMMITTEE ON CAMPUS PLANNING, BUILDINGS AND GROUNDS. Meeting: 12:45 p.m. Tuesday, September 18, 2007 Glenn S.

CONTRACTS AND GRANTS SAN FRANCISCO STATE UNIVERSITY. Report Number April 22, 2002

PRELIMINARY Capital Outlay Program 2018/2019

Review of the Status of Auxiliary Organizations in the California State University

POLICE SERVICES CALIFORNIA STATE UNIVERSITY, BAKERSFIELD. Audit Report January 23, 2009

2018 CALIFORNIA PLANNING FOUNDATION SCHOLARSHIP PROGRAM

AGENDA COMMITTEE ON INSTITUTIONAL ADVANCEMENT

Northern Arizona University Emergency Operations Plan 2011

Training & Exercise Unit

HACU MEMBER INSTITUTIONS BY CONGRESSIONAL DISTRICT

Leveraging the Microsoft Azure Cloud How your VAR can help?

Mass Transportation/Evacuation Tabletop Exercise August 21, 2013

Transcription:

Larry Mandel Vice Chancellor and Chief Audit Officer Office of Audit and Advisory Services 401 Golden Shore, 4th Floor Long Beach, CA 90802-4210 562-951-4430 562-951-4955 (Fax) lmandel@calstate.edu June 26, 2017 Dr. Horace Mitchell, President California State University, Bakersfield 9001 Stockdale Highway Bakersfield, CA 93311-1022 Dear Dr. Mitchell: Subject: Audit Report 17-37, Emergency Management, California State University, Bakersfield We have completed an audit of Emergency Management as part of our 2017 Audit Plan, and the final report is attached for your reference. The audit was conducted in accordance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing. I have reviewed the management response and have concluded that it appropriately addresses our recommendations. The management response has been incorporated into the final audit report, which has been posted to the Office of Audit and Advisory Services website. We will follow-up on the implementation of corrective actions outlined in the response and determine whether additional action is required. Any observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up. I wish to express my appreciation for the cooperation extended by the campus personnel over the course of this review. Sincerely, Larry Mandel Vice Chancellor and Chief Audit Officer c: Timothy P. White, Chancellor CSU Campuses Bakersfield Channel Islands Chico Dominguez Hills East Bay Fresno Fullerton Humboldt Long Beach Los Angeles Maritime Academy Monterey Bay Northridge Pomona Sacramento San Bernardino San Diego San Francisco San José San Luis Obispo San Marcos Sonoma Stanislaus

CSU The California State University Office of Audit and Advisory Services EMERGENCY MANAGEMENT California State University, Bakersfield Audit Report 17-37 May 26, 2017

EXECUTIVE SUMMARY OBJECTIVE The objectives of the audit were to ascertain the effectiveness of administrative and operational controls for emergency management and to ensure compliance with relevant governmental regulations; Trustee policy; Office of the Chancellor directives; campus procedures; and, where appropriate, federal guidance and industry-accepted standards. CONCLUSION Based upon the results of the work performed within the scope of the audit, a few specific control weaknesses were noted; generally, however, controls were adequate, appropriate, and effective to provide reasonable assurance that risks were being managed and objectives were met. Overall, we found that the campus had an appropriate framework for emergency management, adequate emergency resources, and regularly scheduled emergency exercises. The campus emergency operations manager, the chief of police, recently strengthened the campus emergency management program by implementing an updated emergency operations plan (EOP) for emergency management. However, we found that components of the existing campus emergency management program needed to be updated. Specifically, we found that the campus EOP was not fully finalized and approved by the campus president, roles and responsibilities relating to emergency preparedness at off-site campus locations were unclear, and emergency training for emergency operations center (EOC) team members was not always completed. We also identified opportunities for improvement relating to the campus building marshal program and documentation and review of emergency exercises. Specific observations, recommendations, and management responses are detailed in the remainder of this report. Audit Report 17-37 Office of Audit and Advisory Services Page 1

OBSERVATIONS, RECOMMENDATIONS, AND RESPONSES 1. BUILDING MARSHAL PROGRAM OBSERVATION The campus building marshal program needed improvement. We found that: Building marshals did not always attend annual training. We reviewed training records for 11 building marshals, and we found that five did not attend training sessions in 2015 and 2016. The building marshal listing was incomplete and outdated. Specifically, four building marshal positions were vacant, one building marshal on the list was no longer working for the campus, and one building marshal on the list no longer held the position. Maintaining an effective building marshal program helps to ensure the safety of employees, students, and visitors in the event of an emergency. RECOMMENDATION We recommend that the campus: a. Evaluate and update the current process of providing and tracking building marshal training to ensure that building marshals receive required training at least once per year. b. Fill any vacant positions and update the building marshal listing to include only active building marshals. MANAGEMENT RESPONSE The campus will enhance its policy, including attendance-tracking related to building marshal training. Campus management will explore approaches and incentives to inspire attendance at scheduled trainings. This process will be implemented by November 24, 2017. As of June 1, 2017, all vacancies have been filled. A process will be created and implemented biannually to confirm the accuracy of the building marshal s roster. The new process will be implemented by September 1, 2017. 2. EMERGENCY OPERATIONS PLAN OBSERVATION The campus EOP had not been updated on an annual basis, and the most current completed version of the plan was dated 2009. Audit Report 17-37 Office of Audit and Advisory Services Page 2

We found that the campus had completed updates to the EOP during our audit fieldwork; however, the draft plan was not fully finalized, nor was it approved by the campus president. A current and comprehensive EOP provides assurance that the campus can effectively respond to emergencies and decreases the risk of loss and injury to the campus community. RECOMMENDATION We recommend that the campus finalize the draft EOP, obtain the approval of the campus president, and distribute the finalized version to the EOC team. MANAGEMENT RESPONSE The campus will have the draft EOP approved and distributed to the EOC team by November 24, 2017. 3. OFF-SITE LOCATIONS OBSERVATION Roles and responsibilities relating to emergency preparedness at off-site campus locations were unclear. We reviewed two off-site locations whose operations were not covered under the main campus EOP, and we found that both locations had written procedures in place that had not been shared with the campus emergency manager. Additionally, it was unclear whether California State University, Bakersfield (CSUB) staff and students residing at both locations were required to participate in emergency exercises at the off-site locations. Addressing emergency response protocols and processes for off-site locations increase safety and provide assurance that the campus would be able to effectively respond in the event of an emergency occurring when employees or students are participating in campus activities in buildings or areas outside of the main campus. RECOMMENDATION We recommend that the campus: a. Determine who is responsible for ensuring that off-site locations have the appropriate emergency procedures in place, including emergency exercises. b. Maintain emergency procedures for these locations centrally or incorporate them in the campus EOP so they can be easily referenced in the event of an emergency. MANAGEMENT RESPONSE A responsible individual will be identified at each off-site location. In addition, emergency procedures and emergency exercises will be established for each off-site location. Upon Audit Report 17-37 Office of Audit and Advisory Services Page 3

completion of an evacuation and/or emergency drill, the responsible off-site individual will confirm compliance and communicate the outcome of the evacuation and/or emergency drill to the campus emergency manager. A copy of the emergency procedures for off-site locations will be provided to the campus emergency manager for recordkeeping purposes and stored at the campus EOC office. This will be finalized by October 1, 2017. 4. SPECIALIZED EMERGENCY PREPAREDNESS TRAINING OBSERVATION EOC team members did not always complete specialized training, as required by systemwide and campus policies. We found that although the campus required EOC team members to complete certain Federal Emergency Management Agency (FEMA) courses, not all employees completed the training. Also, there was no method to escalate instances of noncompliance to appropriate management. Completing and documenting specialized emergency training ensures that emergency team members will be properly prepared to respond to an emergency situation, increases safety, and reduces the risk of noncompliance with campus and California State University (CSU) requirements. RECOMMENDATION We recommend that the campus create a process to follow up on noncompletion of specialized training for EOC team members and escalate instances of noncompliance to appropriate management. MANAGEMENT RESPONSE A method will be developed to follow-up on noncompletion of specialized training for EOC team members, including the escalation of instances of noncompliance to appropriate management. This process will be implemented by October 1, 2017. 5. EMERGENCY EXERCISES OBSERVATION Documentation and review of emergency exercises needed improvement. We reviewed 13 emergency exercises that took place from 2015 to 2017, and we found that after-action reports or similar documentation of lessons learned were not prepared for six exercises. Additionally, we noted that only one of the 13 exercises included documentation Audit Report 17-37 Office of Audit and Advisory Services Page 4

indicating that the corrective actions identified in after-action reports for emergency exercises were communicated to emergency management team members for review and follow-up. Preparing after-action reports and following up on identified corrective actions provides assurance that lessons learned and deficiencies noted while conducting emergency exercises are recognized and corrected and strengthens the campus ability to effectively respond in the event of an emergency. RECOMMENDATION We recommend that the campus: a. Prepare after-action reports or similar documentation of lessons learned for all emergency exercises. b. Communicate after-action reports with the emergency management team and develop a process to follow up on identified corrective actions. MANAGEMENT RESPONSE The campus will create an after-action template for emergency exercises. In addition, a process will be formulated to communicate with the emergency management team and develop a course to follow-up on identified corrective actions. This process will be completed by September 1, 2017. Audit Report 17-37 Office of Audit and Advisory Services Page 5

GENERAL INFORMATION BACKGROUND The CSU consists of 23 campuses, with approximately 474,600 students and more than 49,000 faculty and staff. Each campus is responsible for the safety and general welfare of all members of the campus community. Because emergencies and disasters can occur with little to no warning and encompass a wide range of events, including earthquakes, fires, activeshooter situations, pandemics, protests or riots, and other natural and manmade disasters, it is critical that campuses plan ahead so that when emergencies happen, an appropriate response can be coordinated. The president of each CSU campus has been delegated responsibility for the implementation and maintenance of the campus emergency management program. FEMA is the federal agency that leads the country in preparing for, preventing, responding to, and recovering from disasters. FEMA emphasizes the use of hazard mitigation planning to reduce the loss of life and property due to natural and other hazard risks and publishes a number of emergency planning guides, including Building a Disaster Resistant University and the Guide for Developing High-Quality Emergency Operations Plans for Institutions of Higher Education. The Department of Education (DOE) and the National Fire Protection Agency (NFPA) have also developed relevant federal guidance for emergency management programs. On February 28, 2003, the president of the United States issued Homeland Security Presidential Directive 5, Management of Domestic Incidents, which directed that the National Incident Management System (NIMS) be developed. NIMS provides a common approach to managing incidents that allows government departments and agencies, nongovernmental organizations, and the private sector to work together. NIMS requires the use of a standard organizational framework, the Incident Command System (ICS), for incident response. Federal departments and agencies, as well as state, local, and tribal governments, are required to fully comply with NIMS and adopt ICS to receive federal preparedness funding and grants. The cornerstone of California s emergency response system is the Standardized Emergency Management System (SEMS), which state agencies are required by law to use when responding to emergencies involving multiple jurisdictions or agencies. Key components of SEMS, codified in Government Code 8607, include the use of ICS, multiagency coordination, mutual aid, and defined operational areas. SEMS was developed as a result of the 1991 East Bay Hills fire in Oakland, which drew attention to the need for better coordination among emergency services responders. As a result of federal and state regulations, all CSU campuses are required to incorporate NIMS, SEMS, and ICS into their emergency management program. Executive Order (EO) 1056, California State University Emergency Management Program, defines the key components of an effective campus emergency management program. At the systemwide level, the Office of Risk Management (ORM) has administrative oversight and programmatic responsibility for the emergency management function and coordinates the Emergency Coordinators working group, an advisory body for CSU systemwide emergency management. In 2014, ORM commissioned an outside consultant to review campus emergency management plans. Audit Report 17-37 Office of Audit and Advisory Services Page 6

SCOPE At CSUB, the emergency operations manager is responsible for overseeing the campus emergency preparedness program and advising university administrators and executives on disaster preparedness, response, and recovery issues. The emergency operations manager is the chief of police, who reports to the vice president of business and administrative services, who is also the emergency executive responsible for overseeing the campuswide emergency management program. The campus emergency preparedness program includes maintaining the EOP, training the emergency management team, executing the building marshal program, stocking and maintaining an adequate EOC, and scheduling and providing emergency training and exercises. Additionally, the campus has an advisory council, the Emergency Preparedness Advisory Committee, that includes various campus stakeholders from areas such as the police department, academic affairs, campus programming, safety and risk management, facilities, athletics, student health, and housing, in order to encourage cross-unit leadership, coordination, direction, and priority-setting for campuswide emergency management activities. We visited the CSUB campus from February 27, 2017, through April 14, 2017. Our audit and evaluation included the audit tests we considered necessary in determining whether administrative and operational controls are in place and operative. The audit focused on procedures in effect from January 1, 2015, through April 14, 2017. Specifically, we reviewed and tested: Emergency management administration and organization, including clear lines of organizational authority and responsibility, and current and comprehensive policies and procedures. The emergency operations plan and event-specific annexes, including integration of SEMS, NIMS, and ICS components, and considerations for special populations on campus such as international students, students and personnel with limited English proficiency, and people with access and functional needs. The emergency operations center, emergency equipment, and related emergency supplies and resources. Coordination with other agencies, including mutual aid and assistance. The effectiveness of the building marshal or similar program and evacuation procedures and drills. Emergency management training for new hires and emergency management team members. Testing and drills for emergency communication systems and emergency incidents, and the preparation of appropriate after-action reports. As a result of changing conditions and the degree of compliance with procedures, the effectiveness of controls changes over time. Specific limitations that may hinder the effectiveness of an otherwise adequate system of controls include, but are not limited to, resource constraints, faulty judgments, unintentional errors, circumvention by collusion, and Audit Report 17-37 Office of Audit and Advisory Services Page 7

CRITERIA AUDIT TEAM management overrides. Establishing controls that would prevent all these limitations would not be cost-effective; moreover, an audit may not always detect these limitations. Our testing and methodology, which was designed to provide a review of key administrative and operational controls, included interviews, walkthroughs, and detailed testing on certain aspects of the campus emergency operations program. Our review was limited to gaining reasonable assurance that essential elements of the campus emergency management program were in place and did not examine all aspects of the program. Our audit was based upon standards as set forth in federal and state regulations and guidance; CSU Board of Trustee policies; Office of the Chancellor policies, letters, and directives; campus procedures; and other sound administrative practices. This audit was conducted in conformance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing. This review emphasized, but was not limited to, compliance with: EO 943, University Health Services EO 1056, California State University Emergency Management Program Coded memorandum Human Resources 2004-10, Mutual Aid 20 United States Code 1092(f), Higher Education Opportunity Act Code of Federal Regulations Title 28, Part 36, American Disabilities Act Code of Federal Regulations Title 29, Part 1910, Occupational Safety and Health Standards DOE, Action Guide for Emergency Management at Institutions of Higher Education FEMA, Guide for Developing High-Quality Emergency Operations Plans for Institutions of Higher Education NFPA 1600, Standard on Disaster/Emergency Management and Business Continuity/ Continuity of Operations Programs Government Code 8607 Government Code 13402 and 13403 CSUB Emergency Operations Plan CSUB Emergency Response Guide Senior Director: Michelle Schlack Audit Manager: Caroline Lee Senior Auditor: Rick Pyles Internal Auditor: Christina Fennell Audit Report 17-37 Office of Audit and Advisory Services Page 8

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback