Common Audit Findings

Findings usually identify a problem related to non-compliance with University policies and procedures, governmental regulations, operating efficiencies or an improvement from an overall business perspective. Common audit findings include:

Improper Segregation of Duties Segregation of duties is a type of internal control created to prevent or reduce the occurrence of omissive errors or fraud. No single employee should have complete control over all components of a transaction. This concept can be broken down into four categories: authorization, custody, record keeping and reconciliation. A separate individual should be in charge of each aspect of this process, eliminating exclusive control over the asset.
Inadequate Cash Controls Because cash is a very liquid asset, strong controls are critical. Cash should never be left unsecured, and only certain qualified individuals should be granted access to registers, safes and cash boxes. Cash-on-hand should be deposited on a daily basis when receipts exceed $250 or otherwise weekly.
Unallowable Expenditures on Grants
Uniform Guidance outlines expenses that are allowable and unallowable using funds from federal grants and contracts. Each expenditure must be reasonable, allowable, allocable, and consistently accounted for. Refer to  Guidelines of Allowability of Costs
Untimely Cost Transfer for Sponsored Projects Under University policy, cost transfers must be processed within ninety days from the date of expenditure. If unallowable expenses exist, they must be removed from the sponsored project regardless of untimeliness.
Lack of Vincent Reconciliations and Card Inventory Vincent activity should be reconciled not just to the level reports, but to participant logs by someone familiar with the study and independent of card loading responsibility.  Additionally, card holders should complete periodic card inventories to ensure all cards in possession are appropriately accounted for
Failure to Use the University’s Cost Model Recharge centers often charge back federally funded research projects, thus it’s important to develop a rate that can be validated to actual costs and that does not generate an inappropriate surplus for the center.  Use of the University’s cost model helps to develop rates while factoring in all costs to operate and subsidies received.  Rates must be consistently applied to all users of the facility to ensure fair and accurate charging of federal projects.
Inadequate Security of Electronic Sensitive Data Proper internal controls must be in place to safeguard all personally identifiable data. Unnecessary sensitive data should be properly destroyed regularly.