State & Local Reports

The Department of Internal Auditing (DIA) has conducted an audit of the general internal controls of Office of Homeless Services (OHS) subrecipient and provider monitoring, for the period of January 1, 2019 through December 31, 2019. The main objective was to conduct an audit of OHS’s monitoring and approval controls in place related to subrecipients and providers of OHS’s services. Controls were assessed and reviewed to ensure disbursement of funds were accurate, approved, and in compliance with agreements in place. To accomplish the objective, DIA conducted interviews with management and staff in regards to the subrecipient and provider monitoring process in OHS to document the effectiveness of controls in place. Also, DIA reviewed efficiency of operations, and documented policies and procedures, conducted control and substantive testing, reviewed internal controls, and reconciled transactions and services to invoices and contract requirements. Recommendations were made including that OHS should adhere to Fiscal procedure requirements regarding monitoring HUD grant sub-recipients, and assure that there is an invoice and proof of payment for all requested reimbursement payments. Also, DIA recommended that OHS should require that all subrecipients show the allocation of expenditures that is requested for County reimbursements, and the reason for any reversals or adjustments noted in the support documentation if there is a variance between what is requested by a subrecipient on the Agency Reimbursement Request Form and what the County is actually paying.

The Office of Inspector General (OIG) conducted an audit of the data privacy and cybersecurity of the Chicago Department of Public Health’s (CDPH) COVID-19 contact tracing program. Contact tracing is a disease control strategy that involves identifying persons diagnosed with COVID-19 and their contacts, then working with these individuals to stop further transmission. CDPH developed an electronic case management tool to support the work of its COVID-19 contact tracing teams. The COVID-19 Assessment and Response Electronic System (CARES) is a cloud-based data system that allows contact tracers to gather, organize, and store information so the Department can provide support to persons diagnosed with the disease and interrupt the spread of the virus by notifying their close contacts .The objective of the audit was to determine if CDPH managed privacy and cybersecurity risks associated with the collection, storage, and transmittal of COVID-19 contact tracing data in accordance with the City of Chicago’s Information Security and Technology Policies (ISTP) and the United States Centers for Disease Control and Prevention (CDC) guidance.OIG concluded that CDPH’s COVID-19 contact tracing program mitigates data privacy and cybersecurity risks. Although certain improvements to policies and procedures would encourage consistent and timely application of the security measures, the Department’s efforts to safeguard data suggest that the public’s personal information will be protected.OIG found that the electronic case management tool, CARES, meets the cybersecurity and access control requirements of the City’s ISTP. However, CDPH did not consistently remove terminated users’ access to CARES within seven days, in accordance with ISTP timeliness standards. We found that training for contact tracers aligns with the City’s ISTP and includes several elements to develop awareness of data privacy and information security principles. We also found that contact tracers notify patients and contacts that their information will remain confidential and secure, and obtain consent before proceeding. However, contact tracers do not tell patients and contacts how long the City will retain their information. CDPH also has policies to mitigate risks when exchanging confidential information through electronic communication, and policies to designate persons responsible for approving data requests.

What Was Performed? An Examination of the Caesar Rodney School District’s Schedule of Construction Projects for Fiscal Year Ended June 30, 2019, was performed.Why This Engagement? School construction examination engagements are performed to determine compliance with Delaware Code, the State of Delaware Department of Education School Construction Technical Assistance Manual, and the State of Delaware Budget and Accounting Policy Manual. This engagement was performed in accordance with 29 Del. C. §7526 and examines Bond Bill construction project expenditures incurred by the school district. What Was Found? It is my pleasure to report this engagement contained an unmodified opinion.1 In addition, our examination includes three findings required to be reported under Government Auditing Standards:• The district erroneously omitted $1,801,073 in prior year expenditures from the Schedule of Construction Projects. This error has been corrected, and the Schedule is presented correctly in this report.• The district did not have Supervisor of Facilities Management approval on one of 13 purchase orders tested. That purchase order was for $3,676,287.• Four of 13 purchase orders tested were missing contract numbers. Those four purchase orders totaled $11,503,473.The School Construction: Caesar Rodney School District engagement report can be found on our website.

What Was Performed? An Examination of the New Castle County Vocational Technical School District’sSchedule of Construction Projects for Fiscal Year Ended June 30, 2019, was performed.Why This Engagement? School construction examination engagements are performed to determinecompliance with Delaware Code, the State of Delaware Department of Education School ConstructionTechnical Assistance Manual, and the State of Delaware Budget and Accounting Policy Manual. Thisengagement was performed in accordance with 29 Del. C. §7526 and examines Bond Bill constructionproject expenditures incurred by the school district.What Was Found? It is my pleasure to report this engagement contained an unmodified opinion.1Therewere no findings or observations included in the report.The Fiscal Year Ended June 30, 2019, Statewide School Districts’ Construction Projects ExaminationEngagements for New Castle County Vocational Technical School District can be found on our website.

The purpose of this audit was to identify potential improper payments the Louisiana Workforce Commission made to incarcerated individuals who, according to LWC policy and state law, were ineligible to qualify for Unemployment Insurance and federally funded COVID-19 pandemic-related unemployment assistance programs. We found that LWC made approximately $6.2 million in State and Federal UI payments to 1,195 incarcerated individuals who do not appear to have been eligible for the benefits. We found that 81 percent identified through this analysis qualified through the Federal UI program designed for contractors and gig (occasional) workers, which was created as a part of CARES Act. Contract and gig workers’ income is not reported to LWC by employers, since these individuals are not classified as employees. As a result, LWC does not have electronic wage data to use for eligibility purposes and instead must rely upon the amount of income reported by the applicant on their application for unemployment benefits in order to make eligibility determinations.

This report describes the overall results and conclusions for the areas we examined related to the Unemployment Tax and Benefits (UTAB) system’s application and general information technology (IT) controls. In most of the areas we examined, controls were not adequately designed and implemented to provide reasonable assurance of complete, accurate, secure and available data.

This report builds on prior analyses and the results of a body of work published since the beginning of the pandemic to assess the role of the COVID-19 mitigation policy in reducing the impacts of COVID-19 on different populations across the United States and, specifically, in Washington D.C., Maryland, and Virginia.

The purpose of this audit was to provide information on Louisiana’s response to COVID19 in nursing facilities. We found that nursing facilities in Louisiana faced staffing challenges throughout the COVID-19 pandemic because of staff exposure to COVID-19, illness, or the need to care for family members

This special report provides information to assist Berkeley’s leaders in navigating the financial challenges ahead. We conducted interviews and reviewed data from government finance and budget officials to compile information on estimates of how the COVID-19 pandemic will affect the local economy and Berkeley’s revenues and expenditures; and Considerations from government finance and budget officials for the City Manager and Council to inform decisions about how to manage resources as revenues decline and expenditures increase.