Office of Internal Audit 800 W. Campbell Rd. SPN 32, Richardson, TX Phone Fax January 23, 2017

Similar documents
THE UNIVERSITY OF TEXAS AT DALLAS Office of Internal Audit 800 West Campbell Rd., ROC 32, RICHARDSON, TX (972)

The University of Texas at Tyler. Contract Administration Audit

Michael R. Shriner Vice President, Business Operations and Facilities

Contract Management Handbook. Texas Government Code, Title 10, Subtitle F, Chapter Statewide Contract Management

Internal Audit Annual Report Fiscal Year 2015

Procurement Card Continuous Auditing

Non-PO Purchases Audit

The Texas A&M University System Internal Audit Department MONTHLY AUDIT REPORT

The University of Texas Southwestern Medical Center Institutional Review Board Oversight Audit. Internal Audit Report 14:07

A REPORT FROM THE OFFICE OF INTERNAL AUDIT

Topics. Current Environment and Relevant Risks. Speakers. Contract and Compliance Monitoring Building a Successful Program

OBSERVATIONS, RECOMMENDATIONS, AND RESPONSES

The University of Texas at Tyler. Procurement and Travel Card Audit

Office of Internal Audit

Internal Audit. Audit of Procurement and Contracting

Seattle Public Schools Office of Internal Audit. Internal Audit Report Construction Management Practices

Seattle Public Schools The Office of Internal Audit

Performance Audit: Annual Contract Administration

Monitoring and Oversight Standards and Guidelines

College of Engineering and Computer Science Dean's Office

Department of Transportation Maryland Aviation Administration

Office of the City Auditor. Committed to increasing government efficiency, effectiveness, accountability and transparency

CENTRALIZED PURCHASING

Internal Audit Report. Contract Administration TxDOT Office of Internal Audit

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Communication Report No

Athletics: Student Welfare And Employee Conduct

UT Dallas Annual Internal Audit Report FY 2012

CITY OF CORPUS CHRISTI

Procurement Management Internal Audit

1) Please share the last years expenditure under this contract. Answers: LIPA expects to spend approximately $1.2 million a year.

The University of Texas Medical Branch Audit Services., Audit Report. Engagement Number 2<? February 2015

SOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER

INTERNAL AUDIT OF PROCUREMENT AND CONTRACTING

Role of Procurement / Purchasing Within the Authority

Company LOGO C B T. An Educational Computer Based Training Program

July 6, 2017 MOREHOUSE COLLEGE AWARD #HRD SETTLEMENT AGREEMENT AUDIT SUPPLEMENT

ROSWELL PARK CANCER INSTITUTE CORPORATION INTERNAL CONTROLS OVER PROCUREMENT AND REVENUES. Report 2005-S-15 OFFICE OF THE NEW YORK STATE COMPTROLLER

Audit Report. Audit of Contracting and Procurement Activities

LA14-15 STATE OF NEVADA. Performance Audit. Department of Tourism and Cultural Affairs Division of Tourism. Legislative Auditor Carson City, Nevada

Texas A&M University: Review of the Integrated Ocean Drilling Program PROJECT SUMMARY. Summary of Significant Results

Request for Proposal For: 2018 American Bar Association Temporary Services

Finance/Budget Business Officers Monthly Meeting

4/7/09 I. PURPOSE OF AGREEMENT

Office of Audit Services Annual Audit Plan For the Year Ending August 31, 2018

REQUEST FOR COUNCIL ACTION

MEMORANDUM. The Public Library Needs Improved Internal Controls to Better Administer and Monitor Its Contract With Baker & Taylor Corporation

The University of Texas MD Anderson Cancer Center Internal Audit Annual Report for FY2016

Florida Polytechnic University Audit and Compliance Committee Board of Trustees March 15, 2017

Southern Oregon University Internal Audit Plan Fiscal Year 2017

August 14, Dear Ms. Gula:

A. Independence/Composition. The Committee shall be comprised of not less than three members. The members of the Committee:

Office of the Procurement Ombudsman

Office of Internal Audit. The University of Texas Southwestern Medical Center Business Continuity/Disaster Recovery. Internal Audit Report 16:32

Audit Plan. Marlene Hartinger, Chief of Audit Services. Auditors: Nancy McDaniel Johnny Alexander Julie Ratcliff Sarah Myers

STATE OF TEXAS DEPARTMENT OF INFORMATION RESOURCES CONTRACT FOR PRODUCTS AND RELATED SERVICES LEXMARK ENTERPRISE SOFTWARE USA, INC.

Introduction. Table of Contents

Railroad Commission of Texas Mentor Protégé Program

Contracting for Goods and Services

3. I have worked as a STC for the World Bank for less than 150 days in this Fiscal Year. I would like my company to become a World Bank Group vendor.

Position Summary ANALYST II. Non-Exempt. Uncovered CLOSEOUT ANALYST. Ahmad Hakim-Elahi

REPORT 2014/010 INTERNAL AUDIT DIVISION. Audit of contract administration at the United Nations Office at Geneva

CONTENTS I. POLICY SUMMARY

Fiscal Oversight Fundamentals

Audit of. Accounts Payable Procedures

Request for Proposals (RFP) Information Technology Independent Verification and Validation RFP No IVV-B ADDENDUM NO.

Tomdra, Inc. September 2015 FY15 - #06

3.13. Supply Chain Ontario and Procurement Practices. Chapter 3 Section. 1.0 Summary

K-State Athletics, Inc. Report on Internal Controls related to the Contracting, Travel, and Expenditure processes.

RESPONSE TO THE. Procurement Advisory Panel Recommendations AUGUST (also known as the Procurement Improvement Action Plan)

Internal Audit Report. Contract Administration: 601CT Contracts TxDOT Internal Audit Division

TxDOT Internal Audit Travel Division Operations Audit (1405-1) Department-wide Report

Arizona State University. ASU Police Department Evidence Room. Audit Report

BIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

KPMG s Major Projects Advisory Project Leadership Series: Stakeholder Management and Communication

Department of the Treasury Division of Pensions and Benefits State Health Information Processing System (SHIPS)

TASK LIST - UTILITY ADMINISTRATOR I (CLASS CODE )

) ) ) ) ) ) ) ) ) ) ) ) REPORTING ON WHETHER A PREVIOUSLY REPORTED MATERIAL WEAKNESS CONTINUES TO EXIST. PCAOB Release No July 26, 2005

University System of Maryland University of Baltimore

Mott Community College. Independent Contractor Policy and Procedures

ACCOUNTING SYSTEM/PROMPT PAYMENT

Horizontal Audit of the Acquisition Cards Process

Internal Audit Report. Post Implementation Review PeopleSoft Project Costing TxDOT Internal Audit Division

September 16, Regular Meeting 9:30 a.m.

The University of Texas MD Anderson Cancer Center Internal Audit Annual Report for FY 2017

STANDARD DEVELOPING RECORDS RETENTION AND DISPOSAL SCHEDULES FOR OPERATIONAL RECORDS

Richmond Ambulance Authority

INTERNAL AUDIT REPORT

Assets Management Audit

Supplier Risk Management. Do You Really Have the Right Level of Visibility to Minimise Risk?

OED Division of Small Business Opportunity Follow up Report

Department of Human Resources Local Department Operations

TEXAS LOTTERY COMMISSION. Contract Management Manual

CONSTRUCTION PROCUREMENT REQUIREMENTS

INTERNAL AUDIT REPORT

Fiscal Year 2014 Internal Audit Annual Report

by john johnny e. miller

EXECUTIVE SUMMARY - Internal Control Review of Facilities Engineering and Project Management

Statewide Technology Cooperative Contracting Program

AUDIT COMMITTEE CHARTER

Our Vision: To establish a standard of partnership, innovation, value added resource maximization, and financial expertise such that:

Transcription:

Office of Internal Audit 800 W. Campbell Rd. SPN 32, Richardson, TX 75080 Phone 972-883-4876 Fax 972-883-6846 Dr. Richard Benson, President, Ms. Lisa Choate, Chair of the Institutional Audit Committee: We have completed an audit of Outside Contractors as part of our fiscal year 2016 Audit Plan, and the report is attached for your review. The audit was conducted in accordance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing. The objective of our audit was to endure adequate controls exist over the contract administration process, and that UT Dallas is in compliance with applicable contract-related policies and procedures. Overall, we found that controls exist within the contract administration process. Implementation of the recommendations in the report will help ensure compliance and enhance the administration of contracts at UT Dallas. Management has reviewed the recommendations and has provided responses and anticipated implementation dates. Though management is responsible for implementing the course of action outlined in the response, we will follow up on the status of implementation subsequent to the anticipated implementation dates. We appreciate the courtesies and considerations extended to us during our engagement. Please let me know if you have any questions or comments regarding this audit. Toni Stephens Institutional Chief Audit Executive UT Dallas Responsible Parties: Mr. Pete Bond, Assistant Vice President, Office of Contracting and Administrative Services Ms. Deborah Reynolds, Executive Director, Procurement Management Members of the UT Dallas Institutional Audit Committee: External Members: Mr. Bill Keffler Mr. Ed Montgomery Ms. Julie Knecht Dr. Hobson Wildenthal, Executive Vice President Dr. Inga Musselman, Interim Provost Dr. Calvin Jamison, Vice President for Administration Mr. Terry Pankratz, Vice President for Budget and Finance Mr. Brian Dourty, Interim Vice President and Chief Information Officer Mr. Rafael Martin, Interim Vice President for Research Dr. George Fair, Vice President for Diversity and Community Engagement; Compliance Officer Dr. Gene Fitch, Vice President for Student Affairs Mr. Timothy Shaw, University Attorney The University of Texas System: System Audit Office State of Texas Agencies: Legislative Budget Board Governor s Office State Auditor s Office Sunset Advisory Commission AN EEO/AFFIRMATIVE ACTION UNIVERSITY

Executive Summary Audit Objective and Scope To ensure adequate controls exist over the contract administration process and that UT Dallas is in compliance with applicable contract-related policies and procedures. Conclusion Overall, we found that controls exist within the contract administration process. Implementation of the recommendations in the report will help ensure compliance and enhance the administration of contracts at UT Dallas. Summary of Audit Recommendations by Risk Level Recommendation (1) Centralize Maintenance of Existing Agreements (2) Enhance Monitoring Procedures for Active Agreements (3) Establish Process to Identify High-Risk Contracts (4) Develop Complaint and Termination Procedures Responsible Vice President: Mr. Terry Pankratz, Vice President for Budget and Finance Staff Assigned to Audit: Dominique DiAndrea, CIA, Project Leader Hiba Ijaz, CPA, CIA, Staff Auditor Risk Level Estimated Implementation Date Medium May 31, 2017 Medium May 31, 2017 Medium May 31, 2017 Medium August 31, 2017 Responsible Parties: Mr. Pete Bond, Assistant Vice President, Office of Contracting and Administrative Services Ms. Deborah Reynolds, Executive Director of Procurement Management 2

Table of Contents Background...4 Audit Objective...5 Scope and Methodology...5 Conclusion...5 Audit Results and Management s Responses...6 Appendices 1. Priority Findings and Risk Matrix... 11 2. Status of Prior Audit Recommendations... 12 3

Background Contracting at UT Dallas falls under the purview of the Office of the Vice President for Budget and Finance 1. The Office of Contract Administration (OCA), the department primarily responsible for contract administration, was created in FY16 to centralize contract management. State of Texas contract rules are outlined in Senate Bill (SB) 20, and a Contract Transparency report of all active contracts, and purchase orders issued by month are posted on the OCA and Procurement Management websites to comply with SB 20. The following information was provided by the Office of Contract Administration and Procurement Management for contracts in place during the first quarter of FY17 2. Type Contract Responsible Department # of Contracts $ Value Contracts for goods and services (Purchase Orders) 3 Procurement Management 1,648 $5.4 million Contracts for non-goods and services, non-institutional construction contracts, revenue generating contracts Contract Administration 470 N/A To centralize contract maintenance, icontracts, a web-based system, was implemented by OCA to maintain, track, and update contracts under their purview. Contracts for the purchase of goods and services are stored in eprocurement by Procurement Management; however, several of these larger contracts are tracked on both systems. The Procurement Office and OCA share the contract information and have access to all contracts. OCA and Procurement Management are responsible for following numerous policies, procedures, and regulations governing contract administration. Senate Bill 20 regulations regarding contract processing of for state agency contracts UT System requirements for internal review and approval detailed contract processing procedures UT System Office of General Counsel UT Dallas Office of Contract Administration UT Dallas Procurement Management specific contract review procedures to determine when additional review is required by the Office of General Counsel or the Board of Regents exceptions to Board approval requirements, e.g., group purchases, library acquisitions, and routine supplies purchases guidelines for contract administration departmental procedures and flowcharts that determine when a purchase order/contract is required and state review and approval requirements based on the contract type and purchase cost 1 Contracts for research grants, sponsored activities, and intellectual property related to research are administered through the Office of Research and fall outside the scope of this review. 2 These amounts are estimated due to a lack of full implementation of the icontracts system. See recommendation (1). 3 Only goods and services contracts greater than $50,000 are tracked, and not all purchase orders require a contract. 4

Audit Objective To ensure adequate controls exist over the contract administration process and that UT Dallas is in compliance with applicable contract-related policies and procedures. Scope and Methodology The scope of this audit was FY16 and our fieldwork concluded on January 9, 2017. To satisfy our objectives, we performed the following: Gained an understanding of contract administration policies, procedures and regulations. Interviewed responsible parties for contract administration. Tested various controls surround contract administration, including: o system user access o compliance with policies, rules, and regulations o contract review and approval o contract monitoring procedures o contract closeout procedures o reporting o records retention o implementation of policy and procedures o staffing o conflicts of interest and confidentiality/privacy o compliant and termination procedures Where applicable, we conducted our examination in accordance with the guidelines set forth in The Institute of Internal Auditor s International Standards for the Professional Practice of Internal Auditing. The Standards set criteria for internal audit departments in the areas of independence, professional proficiency, scope and performance or audit work, and management of the internal auditing department. Conclusion Overall, we found that controls exist within the contract administration process. Implementation of the recommendations in the report will help ensure compliance and enhance the administration of contracts at UT Dallas. Specific findings and recommendations are detailed below in the Audit Results and Management s Responses section of the report. We appreciate the courtesy and cooperation received from the management and staff in the Offices of Contract Administration and Procurement Management as part of this audit. 5

Audit Results and Management s Responses Strengths and Controls Noted during the Audit Management and staff possess the necessary skills and training to ensure they are aware of the laws, rules, and regulations governing contract administration. Contract administration staff keep executive management updated through reports and periodic meeting on various contracting issues. Employees receive conflict of interest training. Observations, Recommendations, and Management s Responses Priority Findings UT System: A UT System priority finding is defined by the UT System Audit Office as: an issue identified by an internal audit that, if not addressed timely, could directly impact achievement of a strategic or important operational objective of a UT institution or the UT System as a whole. We have no UT System Priority Findings resulting from this audit. Risk Level Medium Observation Risk/Effect Recommendation Management s Action Plan 1. Centralize Maintenance of Existing Agreements (prior audit recommendation) Maintaining active agreements in a central location and establishing reporting requirements to track vendor performance enhances the visibility of existing contracts, ensures all related documents such as amendments and pricing schedules are appropriately tracked and accessible, and helps provide assurance that vendors who have consistently underperformed are appropriately considered prior to awarding a contract. icontracts was purchased as the result of a former audit recommendation to help centralize the maintenance of contracts; yet, it is not yet fully utilized. OCA enters all information for contracts under their purview; however, contracts for the purchase of goods and services are still mostly tracked in eprocurement. There is an enhanced likelihood that vendors who have not met the requirements of the contract will go undetected and that active agreements or related documents to the master agreement will not be located in a timely manner. Management should fully utilize icontracts as its central repository for all active and amended agreements to ensure existing agreements are properly maintained and monitored, including for record retention. Management s Response and Action Plan: Due to the volume of small dollar, non-recurring contracts, it is not feasible to centralize the cataloguing of all contracts processed by the two departments. Procurement Services and the Office of Contract Administration have worked together during the past two years to establish criteria to identify which office will manage files related to various types of contracts. In general, multi-year, university-wide contracts that have negotiable terms and conditions are negotiated, managed and tracked by the office of contract 6

Risk Level Observation Risk/Effect Recommendation Management s Action Plan Finally, although records retention requirements are being met, opportunities for improvement exist in developing a monitoring plan to ensure that UT Dallas is not retaining records longer than required. Senate Bill 20 Section 441.1855 outlines contract records retention requirements that would be satisfied with a centrally maintained and monitored system of contracts. Section 16 (Sec. 2157.0685) of Senate Bill 20 states that contracts that require a statement of work should be posted on UTD's website along with the statement of work. In addition, Section 18 (Sec. 2261.257) of Senate Bill 20 states that the University should use a system to identify and record each contract entered. administration. Small dollar, nonrecurring departmental contracts that do not have negotiable terms and conditions are managed by Procurement Services through the Purchase order process. These criteria are not documented. The office of contract administration and procurement services will develop written guidelines to document the shared responsibility for administering contracts. Estimated Date of May 31, 2017 Person Responsible for Debbie Reynolds and Pete Bond Medium 2. Enhance Monitoring Procedures for Active Agreements (prior audit recommendation) A previous audit identified that active agreements with outside contractors were managed and maintained by the departments. For revenue and non-revenue generating contracts, the departments were, and still are, responsible for ensuring the invoiced amounts are accurate, the services performed agree to the schedules of work, and the contractor or vendor has complied with the terms and conditions of the agreement. It was also There is an enhanced risk that billing errors and expired agreements will not be detected in a timely manner. Management should establish a process to provide ongoing monitoring of existing agreements with outside vendors. Management s Response and Action Plan: Due to the volume of small dollar, non-recurring contracts, it is not feasible to centralize the monitoring of all contracts processed by the two departments. The office of contract administration is responsible for ensuring vendor compliance with 7

Risk Level Observation Risk/Effect Recommendation Management s Action Plan identified, and remains the case, that there was no process to identify and track when contracts were about to expire or when they were up for a renewal. Further, through testing it was noted that: a) Contract termination dates are not entered into icontracts. b) icontracts does not identify which contractors use sub-contractors. c) Revenue derived from revenue-generating contracts could not be easily identified in PeopleSoft as contract revenue does not have a dedicated account code. Monitoring of contract revenue, therefore, is also performed at the department level. Continuous monitoring of existing contracts helps ensure invoicing accuracy, early payment discounts are realized, and minimize the risk of expired agreements going undetected in a timely manner. In addition, Section 18 (Sec. 2261.256) of SB 20 requires procedures for monitoring contracts to assess several risks. contact terms for university-wide contracts as discussed above. Procurement Services is responsible for ensuring the appropriate documentation and approvals related to the acquisition of services and disbursement of funds. Responsibility for managing departmental contracts is delegated to the departments. The office of contract administration and procurement services will create information to be distributed to departmental contract administrators clarifying their responsibility to closely monitoring all contracts administered by the department. For contracts managed by the office of contact administration: a) Contract termination dates will be entered b) To the extent subcontractor information is available, it will be tracked c) We will confer with the accounting office to determine if a more appropriate account code should be utilized to record contract revenue. 8

Risk Level Observation Risk/Effect Recommendation Management s Action Plan Estimated Date of May 31, 2017 Person Responsible for Debbie Reynolds and Pete Bond Medium 3. Establish Process to Identify High-Risk Contracts (prior audit recommendation) As noted in the prior audit, there are no established protocols to determine which contracts should be considered of high risk to UTD. All contracts were treated equally, and no additional internal reviews were completed over agreements that bind UTD for multiple years or may have a large or complex scope included in the terms and conditions. High risk criterion established by an organization enhances monitoring activities, helps ensure vendor compliance, and reduces the risk of inaccurate or erroneous payments. All contracts are treated as having equal risks to UT Dallas, regardless of the total estimated spend, duration of the agreement, or scope of the goods or services provided by the vendor. Management should consider establishing criterion that would help determine which agreements should be considered high risk. Management s Response and Action Plan: As noted above, informal criteria have been established to identify high risk contracts and these contracts are monitored by the office of contract administration. The office of contract administration and procurement services will develop written guidelines to document the criteria for high-risk contracts. In addition, through testing it was noted that dollar amounts, which would assist in identifying higher risk contracts, are not entered as a separate field within icontracts. Estimated Date of May 31, 2017 Person Responsible for Debbie Reynolds and Pete Bond 9

Risk Level Medium Observation Risk/Effect Recommendation Management s Action Plan 4. Develop Complaint and Termination Procedures While applicable contracts were found to contain clauses related to complaints and terminations, specific procedures to track them have not been implemented by OCA or Procurement. A documented process allows for the historical tracking of issues, which enables an organization to make smarter contracting decisions. SB 20, Section 16 (Sec. 2261.253), requires performance to be monitored. UT Dallas may continue to contract with vendors that have repeated performance issues. OCA and Procurement should develop procedures to track vendor issues, including poor performance. Management s Response and Action Plan: A process for tracking complaints and terminations will be developed and documented. Estimated Date of August 31, 2017 Person Responsible for Debbie Reynolds and Pete Bond 10

Appendix 1: Priority Findings and Risk Matrix Definition of Risks Risk Level Priority High Medium Low Definition High probability of occurrence that would significantly impact UT System and/or UT Dallas. Reported to UT System Audit, Compliance, and Management Review Committee (ACMRC). Priority findings reported to the ACMRC are defined as an issue identified by an internal audit that, if not addressed timely, could directly impact achievement of a strategic or important operational objective of a UT institution or the UT System as a whole. Risks are considered to be substantially undesirable and pose a moderate to significant level of exposure to UT Dallas operations. Without appropriate controls, the risk will happen on a consistent basis. The risks are considered to be undesirable and could moderately expose UT Dallas. Without appropriate controls, the risk will occur some of the time. Low probability of various risk factors occurring. Even with no controls, the exposure to UT Dallas will be minimal. 11

Appendix 2: Status of Prior Audit Recommendations The following is the status of implementation of the recommendations resulting from Internal Audit Report No. R1412, Contracts, dated April 18, 2014. Recommendation Implemented? (1) Centralize Maintenance of Existing Agreements No, see recommendation 1 above (2) Enhance Monitoring Procedures for Active Agreements No, see recommendation 2 above (3) Establish Process to Identify High Risk Contracts No, see recommendation 3 above (4) Standardize Contract Reviews Yes 12

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback