The Department of Internal Auditing (DIA) has conducted an audit of Criminal Justice Information Sharing (CJIS) for the period January 1, 2023 – December 31, 2023. Our main objectives were:
-
To assess the effectiveness and adequacy of policy, procedures, and controls in mitigating the risk for the CJIS subscriber services.
-
Evaluate compliance with Homeland Security related policies.
-
Assess the adequacy, completeness, and accuracy of the subscriber fee or court revenue process.
To accomplish our objectives DIA:
-
Met with management of Public Safety and Justice Services (PSJS)-Fiscal and the Sheriff’s Office.
-
Documented their processes and identified the related controls.
-
Reviewed existing contracts for CJIS services to identify relevant contract compliance requirements and for best practices regarding security policies.
-
Reviewed procedures and controls to assess the effectiveness in mitigating the risks associated with revenue remittance.
-
Evaluated accounting of CJIS Enterprise Fund.
Our audit procedures disclosed contract non-compliance and internal control weaknesses and/or areas of potential process improvement related to:
-
Compliance and monitoring controls on contracted services for the CJIS program.
-
Lack of supporting documentation and procedures related to revenue remittance from municipalities
-
Lack of policies and procedures
-
Stagnant cash balance of the CJIS enterprise fund
-
Potential for unallowed payroll expenditures in the CJIS Fund.