Clerk & Comptroller
Audit findings
197 findings across all audits. Sorted by severity, then dollar amount.
- highdata accessCCC · FY 2024
32 of 86 teammates held inappropriate CCIS driver license clearance permissions
The Pasco Users with DHSMV D6 Clearance County Permissions Report reflected 86 teammates had permission to reinstate suspended driver licenses in CCIS. Formal documented policies and procedures for reviewing and updating user permissions did not exist, and the CCIS Security User Agreement did not provide guidance for removing access for former or transferred teammates. As a result, 32 of the 86 teammates had permissions that were not appropriate, no longer required, or were not updated in a timely manner, spanning Administration (1), Civil (15), Criminal (9), Finance (2), IT (4), and Records (1), increasing the risk of unauthorized reinstatements.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - highpolicyCCC · FY 2023
Civil Marchman Act filing type assigned incorrect public privacy level
One of 96 Civil test samples, a filing type 'Invol Asm Stab' associated with Marchman Act cases, was assigned a public privacy level in Clericus when it was required to be sealed under AO2017-064(II)(A)(9). Marchman Act case files and dockets must be sealed by the Clerk of the Circuit Court unless otherwise ordered by the court. Management immediately corrected the privacy level upon notification.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - highdata accessBCC · FY 2023
Accela permit report reflected unexplained gaps in sequential permit numbers
Of 43,742 permits on the Accela permit report for the audit period, the IG identified 1,113 gaps (approximately 3%) in sequential permit numbers. Explanations provided by management included 1,054 permits with file creation dates outside the audit period, 10 deleted permits (the delete function was inadvertently enabled and used in error with no supporting documentation), 48 permits attributed to a system glitch or child record creation, and one permit marked inactive without supporting documentation. No formalized procedure existed for monitoring gaps in sequential permit numbers, and documented management approvals were not required for deletions or inactivations, increasing the risk of unauthorized transactions going undetected.
in: BCC: Development Services Private Provider Refunds - Dated June 30, 2023 - highdata accessBCC · FY 2023
Accela permit report lacked complete and reliable private provider data fields
Of 41,951 permits eligible for outsourcing, approximately 77% (32,353 permits) had incomplete data fields for identifying whether inspections and/or plans reviews were outsourced to private providers. Specifically, 24,300 permits (approximately 58%) had at least two blank data fields and 8,053 permits (approximately 19%) had one blank data field. The outsourcing data fields were not mandatory in Accela, allowing permit technicians or customers to skip them, and no documented procedures required secondary review to verify accuracy and completeness of data entry.
in: BCC: Development Services Private Provider Refunds - Dated June 30, 2023 - highdata accessBCC · FY 2023
Accela outsource data fields contained frequent inaccurate permit information
Testing of 53 permits found that 27 (approximately 51%) reflected an incorrect outsourcing status or a status that could not be verified. Seventeen permits had data entry errors including 'No' recorded instead of 'Yes' or vice versa, or blank fields instead of 'No.' Three permits that had received private provider refunds were not included on the Schedule of Refunds List because inaccurate 'No' entries in Accela caused them to be missed; they were only caught because contractors self-identified. Ten permits had one blank outsource field for plans review and the IG could not independently verify whether those permits were owed a refund. No formalized policy required staff to update outsource fields when new or corrected information became available.
in: BCC: Development Services Private Provider Refunds - Dated June 30, 2023 - highevidenceCCC · FY 2023
Unauthorized and Undocumented Evidence Deletions in TrakMan
A total of 36 items were deleted from TrakMan by Civil and Criminal teammates during the audit period. Of six Civil deletions tested, three lacked documentation supporting proper approval and two were performed by unauthorized teammates. Of three Criminal deletions tested, none had proper approval documentation and two were performed by unauthorized teammates. The Evidence Procedure Manual required director-approved deletions performed only by authorized personnel.
in: CCC: Evidence Final Report - Dated December 8, 2023 - highevidenceCCC · FY 2023
No Procedures for Checked-Out Evidence That Cannot Be Located
Fifteen evidence items reflected as checked-out to Court Administration in TrakMan could not be located; Court Administration confirmed it did not have custody. Seven items were checked out from Criminal between July 2010 and November 2018, and eight items were checked out from Civil on February 16, 2021. As of July 2023, the seven Criminal items remained unlocated, while the eight Civil items were found and verified in the west side Evidence Room. Formal written procedures did not address steps to take when checked-out evidence cannot be located.
in: CCC: Evidence Final Report - Dated December 8, 2023 - highevidenceCCC · FY 2023
Chain of Custody Documentation Missing for 36 of 79 Items Tested
The IG tested 79 evidence items for proper chain of custody documentation and found 36 lacked proper documentation. All nine disposed and refused items tested lacked complete or accurate chain of custody records. Of 20 returned sensitive evidence items tested, five lacked proper documentation including missing signed receipts, purged case files, and unsigned receipts. Of 50 checked-out items tested, 22 lacked proper documentation — 21 missing signed Evidence Transfer Receipts and one with a receipt where the name did not match TrakMan records.
in: CCC: Evidence Final Report - Dated December 8, 2023 - highdata accessCCC · FY 2023
20 of 88 Teammates Have Inappropriate Physical Access to Evidence Areas
The Reader Assignments to Cardholders Report showed 88 teammates had badge access to evidence rooms and vaults. Of these, 20 had access that was not applicable to their position, was not appropriate, or was no longer needed. Formal documented policies and procedures for periodically reviewing and updating physical access did not exist, increasing the risk of unauthorized access that could compromise evidence integrity.
in: CCC: Evidence Final Report - Dated December 8, 2023 - highdata accessCCC · FY 2023
33 of 61 TrakMan Users Have Inappropriate Evidence Deletion Permissions
There were 61 active TrakMan users with permission to delete evidence. After management review, 33 of 61 had deletion permissions that were not applicable to their position, not appropriate, or no longer needed. No formal documented policies existed for reviewing and updating TrakMan delete permissions. A system limitation in TrakMan required the delete permission profile for users who need to purge files, complicating remediation. This increased the risk of unauthorized and undetected evidence deletions.
in: CCC: Evidence Final Report - Dated December 8, 2023 - highdata accessCCC · FY 2022
Employee DAVID System Misuse Undetected by Internal Controls
During fieldwork, the IG identified one Criminal Courts user who conducted personal DAVID searches. A total of seven personal searches were identified between August 9, 2019 and December 8, 2021. The misuse was overlooked by the IT Point of Contact during the 2021 Quarter 3 User Activity Review and not escalated to management. Upon notification by the IG, management contacted the Pasco County Sheriff's Office for investigation, and the employee subsequently resigned. Timely notification was sent to DHSMV and affected individuals as required by the MOU.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - highpolicyCCC · FY 2022
Majority of DAVID Searches for Audit Period Could Not Be Verified
Of the 1,660 DAVID searches conducted during the audit period, 955 (58%) could not be verified as proper, authorized, business-related searches. Reasons for unverifiability included incorrect purpose codes, missing case/citation numbers, incorrect case/citation numbers, inability to locate the searched person in Clericus, impound searches using names instead of tag numbers, verbally requested searches with no documentation, and deleted email documentation. Documented policies and procedures providing guidance for conducting verifiable searches were limited, and verbal search requests were not required to be documented.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - highcash handlingBCC · FY 2022
Bin location changes allowed inventory to be moved without management approval
For two items (#31251 and #2424C) at the Embassy Warehouse, bin locations were changed to 'as needed' prior to year-end, excluding them from inventory count sheets. Decisions to change bin locations were made solely by lead inventory specialists without required management approval, tracking, or monitoring. This created a risk that County assets could be mismanaged or misappropriated without detection.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - highpolicyCCC · FY 2020
Segregation of duties not enforced in deposit will verification process
At the Dade City location, the same person who inputted a deposit will into Clericus was permitted to verify their own work, provided they waited 24 hours, because the documented procedures did not explicitly require a separate teammate to perform verification. Additionally, the Deposit Will Verification procedure allowed the verifier to make corrections as necessary, which effectively eliminated the segregation of duty control over data entered by the intake clerk. These gaps created risk of undetected errors or irregularities in case records.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - highevidenceCCC · FY 2020
No documentation maintained for pre-destruction deposit will verification
Management indicated that a random 10% sample of deposited wills meeting their retention date was verified prior to destruction; however, no documentation was maintained to support that this verification requirement was actually completed. The IG team was therefore unable to confirm the verification occurred. Furthermore, the Probate division had no documented procedures providing detailed guidance on how to conduct the pre-destruction verification or how to maintain supporting documentation of the sample reviewed.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - mediumcash handling$450,704BCC · FY 2023
Private Provider Refund Log and Schedule of Refunds List not reconciled to general ledger
The Private Provider Refund Log and Schedule of Refunds List did not agree with the Vendor 20 Payment Report (general ledger) as of November 18, 2021. Of 307 refund checks on the refund log, five unmatched records were identified including two checks with incorrect dollar amounts, one with an incorrect date, one check number not found on the Vendor 20 Payment Report, and one voided check whose replacement check number was not recorded. After reconciliation, the Schedule of Refunds List still reflected a variance of $155.46 from the Vendor 20 Payment Report. No formal written policy requiring periodic reconciliations of private provider refunds to the general ledger existed.
in: BCC: Development Services Private Provider Refunds - Dated June 30, 2023 - mediumcash handling$1,325CCC · FY 2021
Unattended Cash Drawers with Keys Left in Lock
At the Dade City location, two change fund drawers were placed in cashier stations before their respective cashiers had arrived for work, and the drawer keys were left in the lock while the drawers were unattended. This condition was observed during the unannounced cash count on November 9, 2021. The practice increased the risk of unauthorized access to or tampering with the change funds.
in: CCC: Traffic Unannounced Cash Count – Dated November 23, 2021 - mediumpolicy$750BCC · FY 2021
Undocumented cat trap rental program holding nine unprocessed customer checks
On February 2, 2021, auditors found a binder inside the Animal Services Adoption Center safe containing nine customer checks totaling $750 associated with an informal cat trap rental program. The program lacked documented policies and procedures; some customers received traps without a contract or deposit, checks dated as far back as late 2019 had not been processed even though associated traps were reportedly not returned, and one check had no associated contract. The program was operating without formal approval or oversight.
in: BCC: Unannounced Cash Count – Public Services and County Attorney – Dated May 18, 2021 - mediumpolicy$651BCC · FY 2022
Inventory adjustments lacked formal written request and approval process
Inventory adjustments made by lead inventory specialists were only verbally approved by management before entry into the EAM system. The IG could not verify that the combined 16 adjustments totaling $651.09 for the audit period were properly reviewed and approved because no supporting documentation existed. The absence of a formal written approval process increased the risk of unauthorized adjustments.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumpolicy$651BCC · FY 2021
Inventory Adjustments Lack Formal Written Approval Process
Inventory adjustments made by lead inventory specialists were only verbally approved by management before entry into the system. The IG could not verify that the combined 16 adjustments totaling $651.09 during the audit period were properly reviewed and approved, as no supporting documentation existed. This lack of documentation increases the risk of unauthorized adjustments.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - mediumcash handling$280BCC · FY 2020
DMO petty cash fund unreimbursed with stale prior-year receipts
On January 30, 2020, two petty cash receipts at the Destination Management Organization (DMO) dated July and August 2019 (the prior fiscal year) totaling $280.00 had not been submitted for reimbursement. As a result, these expenditures were not recorded in the accounting system in the proper fiscal year. The existing policy's minimum balance threshold of $200.00 was too low and did not specify a required timeframe for reimbursement requests.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - mediumcash handling$200CCC · FY 2023
Two change funds transferred without proper notification or documentation
On 6/22/2022, the IG identified a $200.00 shortage in the Clerk's change fund control form totals when reconciling to the Clerk's General Fund. Two change funds of $200.00 each were transferred from the NPR Civil Circuit Division to the Domestic Relations Family Division without notifying Finance. An updated control form was created for Civil Circuit on 4/8/2022, but the corresponding form for Domestic Relations Family was not created until 6/23/2022, after the IG brought the issue to management's attention.
in: CCC: Unannounced Cash Counts - Dated February 28, 2023 - mediumcash handling$20BCC · FY 2021
Change drawer short $20 at Animal Services Adoption Center
During the February 2, 2021 cash count at the Animal Services Adoption Center, the change fund was short $20. Staff were aware of the shortage but could not identify when or how it occurred, and the Animal Services Director had not been formally informed prior to the IG bringing it to their attention on February 3, 2021. The shortage was suspected to have occurred on December 19, 2020 due to incorrect change given and improper closing verification. Documentation of the shortage and a timely police report could not be provided; an incident report was filed instead.
in: BCC: Unannounced Cash Count – Public Services and County Attorney – Dated May 18, 2021 - mediumpolicy$11CCC · FY 2021
Unauthorized and untracked items found in Official Records safe
The safe at Official Records in Dade City was found to contain an unprocessed check dated August 11, 2020, for $11 that management was unaware of — it had been misplaced in the safe for approximately three months and was returned to the customer as a result of the audit. The safe also contained a customer's driver license of unknown duration; management did not know what to do with it and had not notified their Director. No procedure existed for regular safe inspections or for handling customer-owned sensitive items found in the safe.
in: CCC: Unannounced Cash Count – Dated January 9, 2021 - mediumpolicyBCC · FY 2024
P-Card Policy Violations Not Enforced During Program Implementation
Of the 16,879 total P-Card transactions reviewed, 87 were not approved in accordance with the P-Card Policy, yet card users were still permitted to make charges. The P-Card Policy requires transactions to be processed by Fiscal teams within five business days of import into Munis. BCC personnel confirmed that during the initial implementation of the new card provider (J.P. Morgan Chase Bank) from January 16, 2024 through May 31, 2024, corrective actions by the P-Card Administrator for policy violations were not applied, with enforcement only beginning in June 2024.
in: BCC: Purchasing Card Transactions - Dated November 25, 2024 - mediumpolicyCCC · FY 2025
Change fund control forms not updated or missing
Departments did not always send updated control forms to Finance when cashier personnel changed, as required by FI-CF012. At the time of audit, two forms reflected outdated information (one Division Change Fund Control Form and one Custodian/Cashier Change Fund Control Form), and Custodian/Cashier Change Fund Control Forms did not exist for three custodians.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - mediumcash handlingCCC · FY 2025
Cash fund keys and bags left unsecured or unattended
Keys to locked cash bags were placed in a bowl and left unattended on a daily balancer's desk, and one change fund bag was stored in an unlocked drawer. This was a repeat finding from prior audits (reports #2022-02 and #2023-05). Policy CV-CVFUND 1 requires cash funds to be kept under lock and key at all times and keys to remain in the possession of the assigned teammate.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - mediumcash handlingCCC · FY 2025
Unattended cash drawer with key left in lock
On July 15, 2024, the IG observed an unattended cash drawer with the key inserted in the lock. The Operations Supervisor confirmed the cashier had left the drawer unattended while on break. No officewide written policy addressed proper physical security of cash drawers and keys during breaks.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - mediumcash handlingCCC · FY 2025
Change Fund Log–Master file inaccurate and control form dates unreliable
The Finance Change Fund Log–Master spreadsheet contained inaccurate or incomplete data; custodians, departments, or amounts were incorrect for some change funds, and discrepancies were not identified and corrected during reconciliation. Additionally, the control form template on Office Net auto-populated today's date when the PDF was opened, causing date discrepancies between the Log and submitted forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - mediumdata accessCCC · FY 2025
Printed and Electronic DAVID Personal Data Not Properly Safeguarded
Criminal teammates were directed to place printed DAVID information in OSA (Obsolete, Superseded, or Administrative Value Lost) boxes when no longer needed, but those boxes were not physically secured from unauthorized persons. Additionally, teammates who telework were not required to black out their computer screens while accessing DAVID remotely, contrary to MOU Section V requirements for protecting personal information from unauthorized viewing.
in: CCC: DAVID Attestation- Dated July 28, 2025 - mediumdata accessCCC · FY 2025
DAVID User Access Not Deactivated Within Required Five Business Days
MOU Section IV, Subsection B.8 requires user access and permissions to be updated within five business days of reassignment. One user was deactivated 55 working days after reassignment to a position that did not require DAVID access. The auditor verified the user did not access DAVID after reassignment.
in: CCC: DAVID Attestation- Dated July 28, 2025 - mediumdata accessCCC · FY 2025
Existing Password Security Procedures Inadequate
Some practices did not demonstrate effective password security. Teammates used the web browser's autofill feature to save DAVID login credentials and did not lock workstations when left unattended. Additionally, passwords were stored in an envelope kept in an unlocked desk drawer, creating risk of unauthorized access to DAVID.
in: CCC: DAVID Attestation- Dated July 28, 2025 - mediumdata accessCCC · FY 2025
DAVID User Permissions Inconsistent and Not Role-Appropriate
DAVID user permissions were not consistently configured to match user roles. Five of 13 Criminal users had permission to search by vehicle make and model, which was unnecessary for their job duties. Additionally, both Criminal and Inspector General users had varying days and hours of access to DAVID rather than a standardized schedule.
in: CCC: DAVID Attestation- Dated July 28, 2025 - mediumpolicyCCC · FY 2025
DAVID Procedures and Guidelines Incomplete, Outdated, or Undocumented
Multiple DAVID process procedures were not documented, were incomplete, or did not reflect current operations. Undocumented areas included: updating agency contact information in DAVID within 10 calendar days, monitoring restricted DAVID network folder access, assigning and reviewing user permission roles, assigning a back-up DAC for quarterly reviews, and guidance for conducting standard searches and logging out. The DAVID Quarterly Audit Guideline also lacked proper segregation of duties, complete search procedures, and updated case/citation verification processes.
in: CCC: DAVID Attestation- Dated July 28, 2025 - mediumcash handlingCCC · FY 2024
Change funds and cash drawer keys left unsecured and unattended
On April 12, 2023, the IG observed multiple instances of unsecured cash across several divisions. In Family Civil and Official Records, two unattended cash drawers each were found with keys inserted in the locks. In Criminal Customer Service, two cash drawers, one juror bag, and a deposit were left unattended on a cashier balancing table; vault room keys for change fund drawers and juror bags were hanging openly on hooks despite dual-control safe requirements; and five juror cash funds inside the locked safe were stored in clear zippered bags with no locking mechanism.
in: CCC: Unannounced Cash Verification - Dated May 14, 2024 - mediumcash handlingCCC · FY 2024
Juror cash fund reimbursement not processed or monitored timely
On April 12, 2023, the IG identified one juror bag containing a Pending Reimbursement Form dated January 25, 2023, that had not been replenished for approximately 11 weeks. The pooled cash account had been debited on January 26, 2023, but no documentation existed to confirm the cash order was delivered, as delivery was disrupted by a BRINKS outage. The account was not credited for the undelivered cash order until April 27, 2023, after the IG's inquiry.
in: CCC: Unannounced Cash Verification - Dated May 14, 2024 - mediumpolicyBCC · FY 2024
Developer Credit Reconciliation Process Not Fully Followed
During process observations, two procedures were not performed in accordance with the Developer Credits Reconciliation SOP (Version No. 1.3). Specifically, the Additional Information tab on the Trust Account Balance spreadsheet did not include required columns titled Comments and Long String. Additionally, the monthly developer credit reconciliation was not emailed to all recipients listed in the SOP.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Trust Account Balance Not Updated in Accela Timely
A trust account balance was not updated in Accela in a timely manner. A trust account balance was reduced in Accela on December 12, 2023 for a credit reimbursement that had been issued on September 8, 2023 — a lag of over three months. The update process was manual, relying on flagged check request emails as reminders to reduce the balance once payment was issued by the Clerk & Comptroller's Finance Department.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
SOP for Developer Credit Transmittal Summary Contains Multiple Gaps
The Developer Credit Transmittal Summary SOP (Version No. 2.0) lacked detailed guidance across numerous areas, including: procedures for researching and correcting errors; timing requirements for submitting the summary to the Accountant II; guidance for answering the question about whether credits can be sold outside the development; criteria for mobility fee automation in Accela; defined roles for completing the summary; signature requirements; retention requirements; processing timeframes; secondary review requirements before submission to Fiscal; cross-references to related SOPs covering general ledger and trust account setup; detailed procedures for Accela automation setup; and detailed criteria for the Fiscal review step.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Developer Credits Reconciliation SOP Lacks Key Controls and Procedures
The Developer Credits Reconciliation SOP (Version No. 1.3) contained limited guidance and omitted several key controls: it did not require the preparer to sign and date the completed reconciliation; did not define roles for performing the reconciliation; lacked a contingency plan for alternate reconcilers; did not specify retention requirements; provided insufficient guidance for researching and correcting discrepancies; did not require a secondary review before submission to the Clerk's Finance Department; did not include controls for segregation of duties (the same individual processed trust account activity and performed the monthly reconciliation); and used individual names rather than position titles for email distribution, without identifying all required recipients.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Credit Loads and Transfers SOP Missing Multiple Procedural Controls
The Developer Credits – Credit Loads and Transfers SOP (Version No. 1.3) omitted key controls and guidance, including: defined roles for performing credit loads, transfers, and refunds/reimbursements; a requirement to verify trust account balances before processing refunds to confirm sufficient credit; defined timeframes for processing; guidance for ineligible requests; defined retention requirements; a specific citation to the applicable section of the Pasco County Land Development Code; and guidance for check requests and timely trust account balance updates upon refund/reimbursement.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Trust Account/Credit Letter Processing SOP Lacks Key Controls
The Trust Account/Credit Letter Processing SOP (Version No. 3.0) did not require management approval before the Accounting Clerk deletes impact fees in Accela; did not provide standardized memo criteria or documentation requirements when credit letters and payments are returned for correction; did not include directives for storing original credit letters; and did not provide guidance for handling lost original credit letters.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyCCC · FY 2024
Driver license reinstatements issued without meeting eligibility criteria
Of 198 combined cases tested, 9 cases had D6 clearances or ARDLs issued without verifying court costs, fines, and fees were paid in full, without confirming court requirements were met, or without having an accurate, completed, or signed payment plan docketed as required by internal policies. In some instances, teammates handling phone customers issued the clearance or ARDL at the time they mailed payment plan paperwork rather than after receipt of a signed agreement. Compliance with established criteria before issuing reinstatement documents is required by internal procedures and Florida Statute.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Inconsistent payment processing creates numerous unmatched reinstatement records
Inconsistencies in processing payments for payment plans and reinstating driver licenses resulted in 1,722 unmatched records across the D6 Transaction Report, ARDL Report, Payment Report, and Payment Plan Report. Issues included suspensions cleared without proper documentation, ARDLs issued to wrong case numbers, ARDL fees assessed but not collected or not applied, and 14 cases where the reason for the mismatch could not be determined. The ARDL report also lacked a data field to identify the teammate who issued the ARDL, limiting accountability.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Vague and inconsistent documented procedures for reinstatements and quality control
Documented policies and procedures related to the driver license reinstatement process, seven-year dismissals, and quality control review were vague, did not reflect current processes or all relevant steps, or did not exist. Key controls were not required or addressed in the documented procedures. Additionally, different locations (Dade City and New Port Richey) used different procedures, resulting in inconsistencies between departments in how reinstatements were processed and how quality control reviews were performed.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Compliance due dates in Clericus not always monitored or updated timely
Suspension letters and suspensions were not always processed in compliance with timeliness standards reflected in Clericus due dates. Compliance dates were not always entered into Clericus, as pre-conversion cases lacked compliance tabs unless manually added. Payment plans were not always reviewed timely to confirm good standing. Delays were partly attributable to the COVID-19 moratorium backlog on driver license suspensions from March 19, 2020, through January 7, 2021.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Satisfactions of Certified Judgments not docketed for 20 fully paid cases
Upon full payment of all outstanding court costs, fines, and fees, a Satisfaction of Judgment for Costs and Fees must be created, triggering Official Records via docket code SJCC. For 20 cases where all court costs, fines, and fees had been paid in full, a satisfaction was not docketed to the case, meaning Official Records was not properly notified to record the satisfaction.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Backlog of seven-year dismissals from 2013 left unprocessed
Pursuant to a July 2, 1999 order by Judge Webb, license suspensions on cases outstanding for seven or more years must be recalled, canceled, and satisfied. At the time of audit, a backlog of seven-year dismissals dating to 2013 had not been reviewed, and management indicated these were processed only as time permitted, indicating a lack of timely, systematic processing.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2023
Comprehensive list of Civil docket codes associated with List of 23 did not exist
No comprehensive list of Civil docket codes related to the List of 23 existed prior to the initiation of the audit. The list was not provided in a timely manner and required multiple revisions after IG review. The initial verbal request was made June 5, 2020 and the final usable list was not provided until July 20, 2020. Without such a list, teammates lacked proper guidance to ensure images were docketed and maintained confidential in compliance with Rule 2.420.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Civil docket code for Child Abuse and Sexual Offences List of 23 item did not exist
No Civil docket code existed for records associated with item #13 on the List of 23 (child abuse and sexual offenses) as required under Rule 2.420. Civil instead used a specific case type for sexual violence protective injunctions and relied on teammates to manually mark documents as confidential, increasing the risk that confidential documents could be missed or improperly marked and made available to the public.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumdata accessCCC · FY 2023
Image privacy levels for some Civil docket codes less restrictive than case privacy level
For six Civil docket codes, image privacy levels did not agree with or were less restrictive than the assigned case privacy level within Clericus. For example, codes 899 (Petition for Termination of Parental Rights) and 7163 (Notice on Petition for Adoption) had public image privacy levels that were required to be confidential. All six codes were corrected during the audit.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumdata accessCCC · FY 2023
Privacy levels were incorrect for some Civil images tested
Privacy levels of existing images were not periodically reviewed for compliance or consistency. Issues identified included two sealed cases with images assigned OnDemand privacy levels, nineteen images with public privacy levels that were required to be confidential (docket codes 675, 678, 1397), and one image marked confidential rather than sealed. Corrections were made during the audit.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Civil docket descriptions online included more information than basic docket description
For 130 (26%) of 495 Civil images tested, the docket description on the public website included more information than the basic docket description in Clericus. Of these, 42 (32%) were sealed images. This was a legacy issue from the prior case management system (FACTS) when detailed descriptions were entered because images were not available online.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpersonnelCCC · FY 2023
Civil lacked formal documented training program for confidentiality
At the time of the audit, Civil did not have a finalized formal training program outlining objectives, needs, strategy, and curriculum for maintaining confidentiality of cases, records, and dockets. Without a formalized program, there was increased risk that policies and procedures were not consistently followed and that teammates were assigned tasks for which they were insufficiently trained.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Comprehensive list of Criminal docket codes associated with List of 23 did not exist
No comprehensive list of Criminal docket codes related to the List of 23 existed prior to the audit. The list required four revisions after IG review and was not provided in a timely manner. Grand Jury indictment codes (INDT, INDC) were initially omitted. Some docket codes were shared between confidential and non-confidential documents, increasing risk of publicizing confidential records.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Criminal compensating controls for docket privacy not documented
For 60 Criminal images tested, case privacy levels were confidential but image and docket privacies were OnDemand and Public respectively. Compensating controls were in place (IT security matrix, VOR process, extensive training, case-level sealing/expunging) but none were formally documented in written policies or procedures, creating risk of inconsistent application.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpersonnelCCC · FY 2023
Criminal lacked formal documented training program for confidentiality
At the time of the audit, Criminal did not have a formal, documented training program in place for new teammates learning how to maintain the confidentiality of cases, records, and dockets. Without such a program, there was increased risk of inconsistent application of confidentiality requirements and assignment of teammates to tasks for which they were insufficiently trained.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumdata accessCCC · FY 2023
One Records OnDemand image not made available to public in timely manner
One OnDemand image of 32 tested was requested for viewing on October 22 and again October 30, 2020 but was not made available until management was notified on November 23, 2020. An IT control error caused a 'Courts 23 rule banner' to be incorrectly assigned in the Dr. Watson redaction system, resulting in over-restriction of the image.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpersonnelCCC · FY 2023
Records lacked formal documented training program for confidentiality
At the time of the audit, a formal, documented training program did not exist in the Records department for teammates learning to maintain the confidentiality of court records. The absence of a formalized program increased the risk that policies and procedures were not consistently followed and that teammates were assigned to tasks for which they were not sufficiently trained.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Records policies, procedures, and training materials required significant improvement
Existing Records training materials (Redaction and Confidentiality Guide, Scenario Questions, PowerPoint, Redaction Validation procedure) provided limited guidance and failed to address all key controls. Deficiencies included lack of full statute language, absence of envelope placement guidance, no explanation of case parties, insufficient escalation guidance, no glossary, undocumented queue authorization levels, and no requirement for supervisory approval to change a Courts 23 Rule in Dr. Watson.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumcash handlingCCC · FY 2023
Unsecured change fund left unattended at workstation
During an unannounced cash count on 6/27/2022 at the New Port Richey (NPR) Child Support Division, the IG observed an unsecured cash drawer at an unattended workstation. This represented a failure to secure public funds when the assigned cashier was not present.
in: CCC: Unannounced Cash Counts - Dated February 28, 2023 - mediumpolicyBCC · FY 2023
Refunds lacked required supporting Sunbiz documentation per policy
Four of 40 refunds tested (10%) did not have proper supporting Sunbiz documentation as required by the Private Provider Refund Policy and Procedure. For one refund, the name on the Release, Satisfaction, and Settlement Agreement did not match the Sunbiz documentation on file. For three refunds, Sunbiz documents were requested by the IG but not included in management's response, suggesting the documentation did not exist at the time of the refund. Documents later provided by the Department bore an electronic date stamp of May 10, 2022, indicating they may have been created after the fact.
in: BCC: Development Services Private Provider Refunds - Dated June 30, 2023 - mediumcash handlingBCC · FY 2023
Cash bag key found unsecured in unoccupied desk drawer
At Land O'Lakes Heritage Park, the staff member on duty could not locate the key to unlock the bank cash bag securing the park's change fund. The IG auditor found the key in a vacant, unoccupied desk drawer, unsecured and unmarked. This represents a failure of physical access controls over cash assets.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - mediumdata accessBCC · FY 2023
Terminated DAVID user not deactivated within required timeframe
The MOU required user access to be immediately deactivated upon termination and updated within five business days upon reassignment. One DAVID user was not deactivated within five business days of their termination date. The IG verified there was no user activity after the termination date.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumpolicyBCC · FY 2023
FLHSMV not properly notified of agency head and POC changes
The MOU required changes in the agency head, POC, address, telephone number, and/or email address to be updated in DAVID within 10 calendar days of occurrence. FLHSMV was not properly notified when there was a change in the agency head and POC.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumpolicyBCC · FY 2023
Quarterly quality control review reports incomplete and improperly documented
The MOU required Quarterly Quality Control Review Reports (QQCRRs) to be completed within 10 days after the end of each quarter and maintained for two years. Two QQCRRs reflected zero users reviewed despite actual activity; one QQCRR was completed before the quarter ended; two QQCRRs reflected incorrect active user counts; required Quarterly User Reports and Quarterly Monitoring Review Reports were not completed; the POC did not notify the Public Works Assistant Director upon completion; and QQCRRs were not digitally signed by the Public Works Assistant Director.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumdata accessBCC · FY 2023
DAVID access authorization and acknowledgement forms not maintained
The DAVID SOP required users to sign three forms before receiving access — the DAVID Access Authorization Request, Acknowledgement of Penalties for Misuse, and Florida Computer Crimes Act — and these forms were required to be retained for five years. Access and authorization forms for DAVID users were not maintained.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumpolicyBCC · FY 2023
Monthly monitoring reports incomplete and lacking required approval signatures
The DAVID SOP required the POC to conduct monthly monitoring of all authorized users, complete Monthly Monitoring Reports, and submit them to the Public Works Assistant Director for review, approval, and digital signature. The Monthly Monitoring Reports provided for the audit period were incomplete, inaccurate, and lacked the required digital signature of the Public Works Assistant Director.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumdata accessBCC · FY 2023
Four unauthorized employees had access to restricted DAVID file folder
Citations, DAVID policies and procedures, and DAVID monitoring reports were stored in a restricted file folder accessible only to authorized personnel. The IG verified four unauthorized employees had access to the restricted file folder. After the IG brought this to the POC's attention, access was immediately requested to be removed for these individuals.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumevidenceCCC · FY 2023
Biohazard Evidence Not Properly Labeled or Segregated
On March 3, 2022, the IG observed two biohazard evidence items in the RSJC Courthouse Evidence Vault without biohazard stickers affixed to the evidence envelopes or the evidence box. The Courtroom Clerk was unaware the items were biohazard. The Evidence Procedure Manual required biohazard materials to be labeled with biohazard stickers and segregated from other evidence. The stickers were affixed in the presence of the IG.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
Teammates Not Wearing Gloves When Handling Biohazard Evidence
On March 7, 2022, during evidence testing at the East Pasco Records Center, the IG observed that teammates did not always wear gloves when handling biohazard evidence. The Evidence Procedure Manual required gloves to be worn at all times when handling biohazard materials.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
Dual Control Not Followed When Transferring Evidence at Records Center
On March 9, 2022, the IG observed an evidence transfer at the West Pasco Records Center where evidence was placed on a teammate's desk for processing rather than immediately secured, and a second teammate did not participate in moving the home location, completing the evidence log, or physically moving evidence to its storage location. The Evidence Procedure Manual required evidence to be immediately placed in the Evidence Room or Vault and entered on the Monthly Evidence Log under dual control.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
Weekly Evidence Audits Not Properly Documented and Evidence Not Checked Out in TrakMan
On March 4, 2022, the IG observed the weekly audit of the RSJC Courthouse Evidence Vault and found teammates initialed but did not date the audit report, contrary to procedure. On March 11, 2022, the IG observed that evidence removed from the WPJC vault for trial by a Courtroom Clerk was not checked out in TrakMan, though it was noted in the paper evidence log. Both conditions represent noncompliance with the Evidence Audit Procedure and Evidence Procedure Manual.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
Monthly Evidence Inventory Audits Not Performed for Three Months
The Evidence Procedure Manual required Records to perform monthly inventory audits comparing new evidence items to evidence logbooks and transfer sheets. On April 7, 2022, the IG observed the monthly audit at the West Pasco Records Center and found that monthly audits were not documented for a three-month period (November 2021 through January 2022).
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumpolicyCCC · FY 2023
Certificates of Receipt for Evidence Procedure Manual Not Maintained
The Evidence Procedure Manual required teammates to sign and date a Certificate of Receipt confirming they received and read the manual. Signed Certificates of Receipt were not maintained for Civil and Criminal teammates who handled evidence and had access to Courthouse Evidence Vaults.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
No Formal Policy for Monitoring Status of Checked-Out Evidence
Written policies and procedures did not include requirements for monitoring evidence checked out to other agencies. While Records did use TrakMan's Active Items Report and send follow-up emails, the IG identified three items checked out between 2008 and 2009 from Records without documented follow-up. The absence of a documented monitoring process increases the risk that checked-out evidence is not returned in a timely manner.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
Inconsistent Practices and No Policy for Storing Perishable Evidence
The Evidence Procedure Manual did not provide guidance for storing perishable evidence, and only the WPJC Courthouse Evidence Vault had a refrigerator and freezer. Inconsistent practices were observed: at RSJC, evidence with a 'refrigerate' sticker was not refrigerated because court did not instruct refrigeration; at WPJC, any evidence with a 'refrigerate' sticker was placed in the refrigerator; and at EPRC, biohazard evidence with a 'refrigerate' sticker was stored on a shelf unrefrigerated. IAPE best practices require dedicated refrigeration equipment with alarm systems.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
TrakMan Data Inaccuracies in Location, Description, and Marked Dates
Testing of 'available' evidence items revealed that 10 items had marked dates or descriptions that did not agree with TrakMan data, one item (a photo associated with a felony case) could not be located at all, and one package of sensitive evidence containing cash had a loose seal. The IG and an Operations Supervisor counted the cash, verified the full amount was present, and resealed the evidence on March 24, 2022. No formal procedures existed for addressing evidence that cannot be located or for inspecting sensitive evidence packaging during inventories.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumdata accessCCC · FY 2023
Key and Combination Access to Evidence Vaults Not Properly Documented
The Key/Combination Request & Issuance Form used to document issuance of vault keys and combinations was not always maintained, complete, or updated. For 6 of 13 Records teammates with vault access, forms were missing required signatures, did not clearly identify the specific access location, were not on file, or were not updated. Form language was also too vague to clearly identify which specific location access was authorized for.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
Gaps and Deficiencies in Weekly and Monthly Evidence Audit Procedures
The IG identified several deficiencies in evidence audit procedures: two RSJC vault locations were excluded from the weekly audit evidence report selection criteria; the freezer and refrigerator were not inspected during weekly audits to verify proper operation; monthly audit procedures lacked detailed guidance for sample selection; Evidence Inventory Reports were not required to be initialed and dated by performing teammates; and audit documentation was not required to be retained, resulting in EPRC audit records being unavailable for inspection.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumevidenceCCC · FY 2023
No Deletion Approval Procedures in TrakMan for Records Teammates
The Evidence Procedure Manual addressed deletion approval requirements for Civil and Criminal teammates but contained no such directives for Records teammates. During the audit period, Records teammates performed 169 evidence deletions in TrakMan without a formal documented approval process. The absence of approval requirements for Records reduces management oversight and increases the risk of unauthorized deletions.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumpolicyCCC · FY 2023
Inconsistent Requirements for Evidence Procedure Manual Acknowledgment Receipts
The Evidence Procedure Manual required teammates to sign a Certificate of Receipt confirming they received and read the manual. Management responses revealed confusion across departments about which teammates were required to complete and submit the certificate. This inconsistency undermines the purpose of the acknowledgment as a compliance tool and creates gaps in documented evidence-procedure awareness.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumpolicyCCC · FY 2022
DAVID Users Not Conducting Searches Per Policies and Procedures
Six of the 12 (50%) Criminal Courts DAVID users were consistently using incorrect purpose codes for their DAVID searches and/or were not including a case/citation number in their search during the audit period February 1, 2021 through February 1, 2022. Additionally, there were several instances where impound searches were conducted on names rather than plate numbers, contrary to the CR-CC066 procedure which required use of the '020 – Other' code, inclusion of the case/citation number, and plate-based impound searches.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumdata accessCCC · FY 2022
One DAVID User Not Deactivated Within MOU Required Timeframe
Of nine DAVID users deactivated during the audit period, one employee's access was disabled 21 working days after reassignment to a position not requiring DAVID access, well beyond the MOU-required five working days. The IG verified the user did not conduct any DAVID searches after reassignment, limiting the actual risk exposure.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumpolicyCCC · FY 2022
Internal Policies Did Not Fully Address All MOU Requirements
The documented policies and procedures for the DAVID system did not fully address all requirements from Sections IV(B), V, and VI of the MOU (HSMV-0615-19). Criminal Courts procedures failed to address 14 of the 24 applicable MOU requirements, and IT procedures failed to address 13 of the 24 requirements, leaving significant gaps in the internal control framework relative to the MOU's obligations.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumpolicyCCC · FY 2022
Quarterly Reviews Did Not Flag Improper Purpose Codes or Missing Citation Numbers
The procedures for conducting quarterly Quality Control Reviews did not specify what steps the POC should take upon identifying incorrect purpose codes or missing case/citation numbers. As a result, 72 of 95 (76%) DAVID searches reviewed in the 2021 Quarterly Quality Control Reviews did not use the '020 – Other' purpose code and/or lacked a case/citation number, yet management was never notified and no corrective action was taken.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumdata accessCCC · FY 2022
Inadequate Segregation of Duties for Monitoring POC Activity in DAVID
The IT Point of Contact responsible for conducting and signing off on the DAVID Quarterly Quality Control Reviews was also included in the randomly sampled users for the 2021 Q3 and Q4 reviews, meaning the POC reviewed their own activity. Additionally, the alternate POC was included in the Q4 random sample. This lack of segregation of duties created a risk that POC activity would not receive independent review.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumcash handlingBCC · FY 2022
Change fund stored off-site at wrong location for months
A change fund (CF-75) was established on 4/8/2022 for the Dade City Armory, but on 6/17/2022 the IG found the uncashed fund check (dated 5/3/2022) sitting in the safe at Wesley Chapel District Park rather than at its assigned location. The fund check was not cashed until 6/22/2022 — 50 days after issuance — and the IG's three subsequent attempts to observe the fund at the Armory (6/22, 7/14, and 8/9/2022) all found it absent because the point-of-sale system lacked sufficient Wi-Fi connectivity to process transactions. Management was unaware the fund was not in use at the Armory.
in: BCC: Unannounced Cash Counts – Dated December 13, 2022 - mediumpolicyBCC · FY 2022
Extended cycle count process not documented in SOPs
The existing Inventory Cycle Counts Procedures did not document the extended cycle count process performed on items with no usage. Management generated a turnover report near fiscal year-end (around August) to ensure all inventory items were counted, but this process lacked any written documentation. Undocumented procedures undermine consistency, training, and continuity of operations.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumdata accessBCC · FY 2022
EAM system glitch added phantom inventory items to wrong warehouses
During the audit at Shady Hills Warehouse, one item (#2083Y) appeared on count sheets without a valid bin location and did not physically exist at that location. A system glitch caused the item, newly added to Embassy Warehouse, to be automatically propagated to Shady Hills (with '*' bin) and Wesley Center (with 'PR' bin), creating inaccurate inventory records and count sheets.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumevidenceBCC · FY 2022
IG identified two of three Embassy Warehouse year-end count discrepancies
For two items in the IG's test sample at Embassy Warehouse (item #19038 clear plastic safety glasses and item #400057 valve tapping cast iron 6"), the IG's physical count did not agree with the warehouse team's count or the system count. Upon recount with the lead inventory specialist, the IG's counts were confirmed correct, requiring adjustments. This issue was also raised in the prior FYE 2018 audit, though discrepancies had significantly decreased.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumdata accessBCC · FY 2022
Inventory system reflected incorrect bin locations for multiple items
Of the 103 items tested at Embassy Warehouse, five items (5%) — #22003, #07007M, #82048, #500586, and #230112 — were located in a different area than reflected in the EAM system or could not be identified. Management stated the inventory had been reorganized due to spacing issues, but the system was not updated at the time of the audit, compromising the reliability of inventory records.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumcash handlingCCC · FY 2021
Change fund left unsecured during business hours at Court Records
The change fund at Court Records in Dade City was not secured at the time of the audit on November 23, 2020. The fund was maintained in two unlocked cash bags on a shelf underneath the cash register drawers. No documented policy or procedure governing the security of cash funds during business hours existed at the time of the audit.
in: CCC: Unannounced Cash Count – Dated January 9, 2021 - mediumcash handlingBCC · FY 2021
Safe left unsecured and unattended at Hudson Regional Library
On January 29, 2021, auditors found the safe at Hudson Regional Library open and unattended, with the change fund drawer inside unsecured. Administrative Directive #45 requires safes to be locked immediately after use and never left unlocked. The error was discovered by auditors and immediately corrected by the manager on duty.
in: BCC: Unannounced Cash Count – Public Services and County Attorney – Dated May 18, 2021 - mediumcash handlingBCC · FY 2021
Daily cash collections and unsealed deposit stored unsecured at Veterans Memorial Park
During the January 29, 2021 unannounced cash count at Veterans Memorial Park, auditors found that day's cash collections and an unsealed deposit from the prior day were stored in an unlocked cabinet drawer inside an unlocked office. This violated the requirement to secure all cash and checks in a locked safe, filing cabinet, or cash box at all times.
in: BCC: Unannounced Cash Count – Public Services and County Attorney – Dated May 18, 2021 - mediumpolicyCCC · FY 2021
Civil Marchman Act filing type assigned incorrect public privacy level
A Civil filing type 'Invol Asm Stab' associated with Marchman Act cases was assigned a public privacy level in Clericus, when AO2017-064 required Marchman Act case files and dockets to be sealed. This was discovered in one of 96 test samples with a pending redaction status. Management responded immediately and corrected the privacy level prior to report publication.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Comprehensive list of Civil List of 23 docket codes did not exist
A comprehensive list of Civil docket codes related to the List of 23 did not exist prior to the audit. When requested, the list was not provided timely and required multiple revisions for completeness. Rule 2.420(d) requires the Clerk to designate and maintain confidentiality of court record information.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
No Civil docket code exists for Child Abuse and Sexual Offences category
No Civil docket code existed for records associated with item #13 (Child Abuse and Sexual Offences) on the List of 23. Civil used a specific case type for sexual violence protective injunctions and teammates manually marked documents as confidential, increasing the risk of confidential documents being made publicly available due to human error.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumdata accessCCC · FY 2021
Civil image privacy levels inconsistent with assigned case privacy levels
For six Civil docket codes, image privacy levels did not agree with or were less restricted than the assigned case privacy levels in Clericus. Examples included image privacy changed from Public to Confidential for codes 899 and 7163, and changes from Confidential to OnDemand for codes 1517, 3401, 4623, and 8000. The IG verified all six were corrected during the audit.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumdata accessCCC · FY 2021
Privacy levels incorrect for multiple Civil images tested
Privacy levels were incorrect for several Civil images tested, including two sealed cases with images at OnDemand and dockets at public levels, adoption case images with inconsistent confidential vs. sealed levels, 19 images for domestic violence and stalking petitions incorrectly assigned public privacy, and one image confidential instead of sealed due to a FACTS-to-Clericus conversion issue. No periodic review process existed for image privacy level compliance.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Civil online docket descriptions contained more detail than basic description
For 130 (26%) of 495 Civil images tested, the online docket description included more information than the basic docket description in Clericus. Of those 130, 42 (32%) were sealed images. This occurred because legacy FACTS procedures instructed teammates to enter detailed descriptions, and those entries were not reviewed when Clericus was implemented.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpersonnelCCC · FY 2021
Civil lacked formal documented training program for confidentiality
At the time of the audit, Civil did not have a finalized formal training program for teammates learning how to maintain the confidentiality of cases, records, and dockets. A formalized program is essential to ensure consistent policy compliance and to measure teammate comprehension through goals and benchmarks.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Comprehensive list of Criminal List of 23 docket codes did not exist
A comprehensive list of Criminal docket codes related to the List of 23 did not exist prior to the audit. The list required four revisions for completeness and was not provided timely. Additionally, Grand Jury indictment codes (INDT and INDC) were mistakenly removed from the list, and some codes were shared between confidential and non-confidential documents, increasing the risk of inadvertent public disclosure.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Criminal compensating internal controls for privacy misalignments not documented
For 60 Criminal images tested, case privacy levels were confidential while image and docket privacies were OnDemand and Public respectively. Compensating controls existed (IT security matrix, View on Request process, teammate training, and case-level sealing/expungement) but none were documented in written policies and procedures.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpersonnelCCC · FY 2021
Criminal lacked formal documented confidentiality training program
At the time of the audit, Criminal did not have a formal, documented training program for new teammates learning how to maintain the confidentiality of cases, records, and dockets. Without a formalized program, there was no structured mechanism to measure goals and benchmarks for teammate comprehension.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpersonnelCCC · FY 2021
Records lacked formal documented training program for court record confidentiality
At the time of the audit, Records did not have a formal, documented training program in place for teammates learning how to maintain the confidentiality of court records. Without a formalized program, there was no structured approach to ensure consistent policy compliance or to measure teammate progress.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Records training materials and policies insufficient for effective teammate performance
Existing Records training materials (Redaction and Confidentiality Guide, Scenario Questions, PowerPoint Presentation, and Redaction Validation procedure) contained limited guidance and did not address all key controls and procedures. Deficiencies included: insufficient Florida Statute guidance, missing instructions for envelope placement, no explanation of Parties to a case, limited escalation guidance, no glossary, undocumented queue authorization levels, and no secondary review required for Courts 23 rule changes in Dr. Watson.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumotherBCC · FY 2021
EAM System Glitch Added Non-Existent Items to Inventory
During the audit at Shady Hills Warehouse, one item (#2083Y) appeared on count sheets with no specific bin location and did not physically exist. A system glitch caused the item — recently added to Embassy Warehouse — to be automatically added to Shady Hills (with '*' bin location) and Wesley Center (with 'PR' bin location), generating inaccurate count sheets. This undermined the reliability of inventory records.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - mediumotherBCC · FY 2021
IG Identified Two of Three Embassy Warehouse Year-End Adjustments
For two items at the Embassy Warehouse (item #19038 and #400057), the IG's physical count differed from both the warehouse team's count and the system count. Upon recount with the lead inventory specialist, the IG's count was determined to be correct and adjustments were required. This indicates blind count procedures were not fully effective. The issue was also noted in the prior FYE 2018 audit, though the number of discrepancies has significantly decreased.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - mediumpolicyBCC · FY 2021
Bin Location Changes Allow Undetected Inventory Misappropriation Risk
For two items (#31251 and #2424C) at Embassy Warehouse, bin locations were changed to 'as needed' prior to year-end, excluding them from inventory count sheets. Lead inventory specialists made these decisions without required management approval, and changes were not tracked or monitored. This creates a risk that County assets could be mismanaged or misappropriated without detection.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - mediumdata accessBCC · FY 2020
DAVID workstation not secure from unauthorized access or view
The cubicle used to access the DAVID system was not secure from unauthorized view and access. Other Stormwater Inspectors who were not authorized DAVID users shared the cubicle workspace, and the cubicle had no door. DAVID users stated they attempted to access the system only when unauthorized inspectors were absent, but this was not a reliable control. This arrangement violated MOU Section V, Subsection G, which required DAVID information to be protected from unauthorized persons viewing, retrieving, or printing it.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumpolicyBCC · FY 2020
Authorization and Acknowledgement Forms not maintained or current
Completed Access Authorization Request and Acknowledgement of Penalties for Misuse forms were not current and could not be located. Original forms from 2016 were missing and had to be re-executed on November 18, 2019. Acknowledgement of Penalties for Misuse forms dated May 28, 2017 lacked supervisor signatures, a deficiency previously identified in audit #2016-05. Additionally, the acknowledgment form for the Auditor III who was granted DAVID access was not on file with the Division.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumdata accessBCC · FY 2020
Review of POC DAVID activity not independent or documented
The Assistant Director of Public Works stated he conducted monthly reviews of the Point of Contact's (POC) DAVID activity, but these reviews were not documented. Furthermore, the user activity reports reviewed were generated by the POC from the DAVID system, meaning the review was not independent. As a result, the IG could not verify that reviews were actually performed or that the information was complete and accurate.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumpolicyBCC · FY 2020
DAVID Access Standard Operating Procedures not up-to-date
The DAVID Access SOPs had not been updated since April 20, 2016, and contained numerous deficiencies across multiple areas: incorrect titles for responsible personnel; missing requirements for authorization forms; outdated or absent procedures for user activation, deactivation, and monitoring; SOP attachments with incorrect information or no longer in use; procedures that did not match actual operating practices; missing guidance for securely inputting DAVID data into citations and storing documentation; and absence of MOU-required misuse reporting details and agency head certification requirements.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumpolicyBCC · FY 2020
FLHSMV not timely notified of agency head change
The FLHSMV was not notified of the change of agency head within the required 10 calendar days as mandated by MOU Section IV, Statement of Work, Subsection B(10). The former County Administrator retired and was replaced on May 1, 2017, but the FLHSMV was not notified until February 26, 2019 — nearly two years after the change occurred.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumcash handlingBCC · FY 2020
Animal Services checks not endorsed per Administrative Directive 25
On January 30, 2020, at the Animal Services Administration Building, 14 receipted checks were found not endorsed in accordance with Administrative Directive #25. The directive requires all checks to be immediately endorsed for 'deposit only,' depicting the Board of County Commissioners and the bank account for deposit. The checks lacked the required restrictive endorsement at the time of the audit.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - mediumcash handlingBCC · FY 2020
Change fund at J. Ben Harrill Recreation Complex left unsecured
On January 30, 2020, the change fund at J. Ben Harrill Recreation Complex was found maintained in an unlocked cash box, which was stored in an unlocked file cabinet in an unlocked back office. Administrative Directive #45 requires security safes to be locked at all times and personnel to close and lock the safe immediately before leaving the area. No recommendation was provided for compliance findings.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - mediumcash handlingBCC · FY 2020
South Holiday Library failed to report cash drawer overage
During the January 30, 2020 audit, a cash drawer at South Holiday Library was found to be over by $0.10, confirmed and signed off by both the lead auditor and branch manager. However, the overage was not reported on the end-of-day 'Library Services Cash Receipts Summary' provided to General Ledger. This is a recurring issue, as a prior audit (#2019-01) also documented an unreported shortage at the same branch.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - mediumpolicyCCC · FY 2020
Staff noncompliance with deposit will intake procedures identified
At the Dade City location, intake clerks entered each decedent as a new person in the system rather than updating matching existing records with the date of death as required by the Deposit Will procedure. At the New Port Richey location, if a CP (probate) case for the decedent already existed, clerks placed the will directly into that case instead of creating a separate DW case as required. Both practices deviated from the documented intake procedure.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - mediumpolicyCCC · FY 2020
Policies and procedures incomplete and missing key process steps
The existing policies and procedures for deposit will intake, verification, and probating processes contained limited guidance and did not reflect numerous key steps observed and described by the Probate team. Missing documentation spanned the intake stage (e.g., verifying will originality, handling mailed wills lacking required information), the docketing stage (e.g., who is responsible for scanning, combining pages, checking in images), the verification stage (e.g., envelope labeling, barcode affixing, error discussion with intake clerk), and the post-deposit will process (e.g., associating DW and CP cases, recording with Official Records, handling ancillary documents). Without comprehensive procedures, consistent and correct handling of wills across teammates and locations could not be assured.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - mediumpolicyCCC · FY 2020
Processing inconsistencies identified between Dade City and New Port Richey locations
Multiple operational inconsistencies were found between the two Probate locations. For wills received by mail without required information, Dade City returned the will to the sender while New Port Richey held it in a department safe. For verification documentation, Dade City used docket code 1567 in Clericus while New Port Richey did not use any docket code. Dade City imposed a 24-hour wait before verification while New Port Richey had no such waiting requirement. For case linking, Dade City linked caveat or trust-related case numbers while New Port Richey linked only the DW case to the new CP case. For will transfers, Dade City saved and uploaded a PDF to the File and Serve system while New Port Richey uploaded the image directly from the DW case to the CP case in Clericus.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - lowother$9,265BCC · FY 2025
Billing Calculation Errors Linked to Meter Endpoint Change-Outs
During testing of all November 2023 billing cycles across 142,843 accounts, 33 accounts (0.02%) were found to have incorrectly calculated utility bills attributable to meter/endpoint change-outs. This resulted in 28 accounts being underbilled by a total of $141.60 and 5 accounts overbilled by $4.32. Separately, 7 accounts had corrections and rebills from prior months due to incorrect service bill codes (not incorrect rate implementation), resulting in overcharges totaling $9,265.54 that were credited back to customers in the November 2023 cycle. Existing monitoring procedures were insufficient to proactively detect these billing irregularities before bills were issued.
in: BCC Utilities Rates - Dated May 30, 2025 - lowpolicy$23BCC · FY 2020
Unsigned credit card receipt found at Land O' Lakes Library
On January 29, 2020, an unsigned credit card receipt in the amount of $22.75, dated January 10, was found stored in the safe at the Land O' Lakes Library. Branch staff were unaware of procedures for handling unsigned receipts. The credit card charge had been included in a deposit submitted to Financial Services, and management was attempting to contact the cardholder.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - lowcash handling$2CCC · FY 2021
Change drawer overage and inaccurate overage/shortage forms
One change drawer at Traffic in New Port Richey was over by $2 at the time of the audit on November 19, 2020. A clerk had borrowed $2 from another clerk the previous day to make change rather than using the designated $700 change fund kept in the safe. While the overage was reported to Finance at end of day and a corresponding shortage was reported the prior day, the explanations on both Overage/Shortage Forms were documented incorrectly.
in: CCC: Unannounced Cash Count – Dated January 9, 2021 - lowpolicyBCC · FY 2024
P-Card Policies and Procedures Not Fully Formalized
Although the BCC had adequate P-Card policies and procedures in place, not all procedures were incorporated into the formal P-Card Policy document. Specifically, procedures related to the timeline for when P-Cards are suspended and the reactivation process were absent from the written policy. The lack of a single complete document increases the risk that personnel may not follow or consistently apply all required procedures.
in: BCC: Purchasing Card Transactions - Dated November 25, 2024 - lowcash handlingCCC · FY 2025
No policy for verifying bank coin orders or resolving shortages
A $0.04 shortage was found in one change fund drawer, originating from an unverified coin roll received from the bank in October 2023, nine months before the audit. Finance instructed the unit to maintain the fund at the lower balance rather than seek reimbursement, resulting in a persistent variance between the accounting system and the verified fund total. No formal officewide policy existed governing verification of bank orders or handling overages and shortages.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
No lost and found procedures for valuable or sensitive items
On July 15, 2024, the IG found a debit card stored in a safe that a citizen had left at a service window in October 2023—approximately nine months prior. The Operations Supervisor was uncertain of the process for returning such items. The card was returned to the issuing bank the same day the IG identified it. No officewide policy existed for receiving, storing, documenting, and returning lost valuable or sensitive items.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowcash handlingCCC · FY 2025
Change fund bag used by wrong division
On July 23, 2024, the IG observed a Circuit Civil teammate using a change fund bag assigned to the Civil Family Division. The Civil Family and Circuit Civil Divisions each maintained separate change funds. No officewide written policy existed for documenting, assigning, and distributing change funds for daily cashiering.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Cashiers not notified when supervisors process transaction voids
A void appeared on one drawer's Daily Receipt Recap Details report, but the cashier had no documentation and was unaware of it. Only leads and supervisors can process voids in the cashiering system; the Operations Lead voided a transaction identified during quality review without informing the cashier. No officewide policy addressed communication of voids to affected cashiers.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
No document version control process for control form templates
The Division Change Fund Control Form on file for one division was a different version than the one published on Office Net at the time of audit, making it unclear which version was correct. No formal version control process existed to track and manage revisions to change fund control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Inconsistent signature formats on change fund control forms
Signature formats on Custodian/Cashier Change Fund Control Forms were not consistent; some had wet signatures, others had digital signatures, and others had only typed names on signature lines. No officewide policy specified acceptable signature types for control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Control forms signed without proper delegation of authority
Control forms did not consistently reflect proper delegation of authority: leads signed for supervisors and managers, assistant directors signed for directors, and in one instance the Operations Supervisor signed on behalf of the cashier/custodian. No formal signature delegation process existed for change fund control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowdata accessBCC · FY 2025
Fourteen Inactive Billing Codes Remain Active in Billing System
During review of the FY2024 and FY2025 utility rate charts, 14 billing codes that were no longer in use were found to still be active in the utility billing system. Of 318 billing codes in FY2024, 304 agreed to BCC-approved rates and 14 were inactive but enabled; the same 14 codes persisted in the FY2025 chart of 329 codes. Active inactive codes pose a risk of accidental use that could result in inaccurate customer billings.
in: BCC Utilities Rates - Dated May 30, 2025 - lowpolicyCCC · FY 2025
DAVID Searches Missing Required Reason Codes
The DAVID Quarterly Audit Guideline requires a reason code to be entered for every search performed. Of 67 DAVID searches reviewed during testing, four searches by one user included a case or citation number but lacked a required reason code. The auditor confirmed all four searches were for valid business purposes.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2025
DAVID Access Authorization Request Form Lists Incorrect Department
One DAVID Access Authorization Request Form on file was not updated to reflect the teammate's correct department, representing an inaccuracy in the official access control documentation maintained by the Office.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2025
Fragmented DAVID Guidance and Lack of Policy Management Software
Criminal and IT departments maintained independent versions of DAVID audit procedures; Criminal's older documents were confirmed obsolete but some Criminal users remained unaware of current documented procedures. Updates to DAVID procedures were communicated informally through Criminal Department Bulletins (CDBs) rather than being promptly reflected in formal procedure documents.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2024
Inconsistent documentation of custody for assigned change funds
Practices for documenting custody of assigned change funds were inconsistent across divisions. One change fund had multiple Division Change Fund Control Forms bearing the same date but signed by different individuals as supervisor/designee. In another instance, a supervisor signed both the Division Change Fund Control Form and the Custodian/Cashier Change Fund Control Form as custodian/cashier and supervisor/designee for a fund split among six cashier drawers and two cash boxes, without obtaining signatures from the individual cashiers, undermining individual accountability. Additionally, the distribution totals on Custodian/Cashier Change Fund Control Forms did not always agree with the corresponding Division Change Fund Control Form.
in: CCC: Unannounced Cash Verification - Dated May 14, 2024 - lowcash handlingBCC · FY 2024
Cash Overage Inaccurately Reported on Daily Closeout Documentation
During the unannounced count on April 23, 2024, the IG identified a cash overage in change fund CF-82 at the Wiregrass Ranch Sports Complex. The overage amount reported on the department's daily closeout documentation did not agree with the overage amount identified by the IG, indicating a deficiency in the process for reporting and recording cash overages and shortages. The discrepancy was immaterial in dollar terms but reflects a weakness in daily cash accounting controls.
in: BCC: Unannounced Cash Verification - Dated June 25, 2024 - lowpolicyBCC · FY 2024
Outdated Control Form Used; Updated Form Not Filed with General Ledger
When a change fund was reopened, an outdated version of the BCC Change Fund Control Form was used instead of the current March 2023 revision. As a result, the updated control form was not on file with the Financial Services General Ledger Division. The department indicated it was unaware that a revised form had been issued, as the updated version had not been distributed to BCC Fiscal Teams or posted to the County intranet.
in: BCC: Unannounced Cash Verification - Dated June 25, 2024 - lowpolicyBCC · FY 2024
Developer Credit Transmittal Summary Checkbox Options Ambiguous
Responses to certain questions on the Developer Credit Transmittal Summary were ambiguous because only Yes or No checkboxes were available. Some answers required a Not Applicable response, which was not an option, causing staff to check No instead, creating potential for misinterpretation of the record.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - lowotherBCC · FY 2024
Developer Credit Reconciliation Process Relies on Manual Procedures
The monthly reconciliation of trust account balances between Munis and Accela was largely a manual process with no independent source data for verification. Due to integration limitations between Accela and Munis, trust account activity did not automatically upload into Munis, and Fiscal did not enter journal entries in Munis for trust account adjustments. As a result, General Ledger staff manually maintained trust account balances in Excel spreadsheets outside of Munis and compared them to Fiscal's spreadsheet, creating operational inefficiency and data reliability risk.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - lowevidenceCCC · FY 2024
Incorrect images docketed to cases due to auto-docketing error
Two cases had the incorrect image docketed; the CCIS transaction report was docketed as the DL Check. Management attributed this to an auto-docketing error. The incorrect docketing reduces the reliability and accuracy of case records.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - lowcash handlingBCC · FY 2023
Cash bonds not held in separate bank account
All cash bonds on hand were counted on October 3, 2022 and the amounts agreed to ledgers available on the day of the count. However, cash bonds are not held in a separate bank account, so the balance could not be agreed to the trial balance. No significant variance was noted despite this limitation.
in: BCC: Pasco County Jail Transfer – Dated January 20, 2023 - lowcash handlingBCC · FY 2023
Inmate cash account system cannot generate historical reports
The inmate cash account was not included in the trial balance and the system could not generate a historical detail report from a prior date. As a result, the bank reconciliation for the inmate cash account could not be agreed to the trial balance. No significant variance was noted, but verification was limited by the system's reporting capability.
in: BCC: Pasco County Jail Transfer – Dated January 20, 2023 - lowotherBCC · FY 2023
Cash disbursement cut-off testing not completed due to late documentation
Documents needed to perform cash disbursement cut-off testing were requested by December 4, 2022. The County provided the listing of cash disbursements from October 1 through November 15, 2022 on December 8, 2022, after the deadline. As a result, testing to verify proper cut-off was not conducted and was not verified. No significant variance was formally noted.
in: BCC: Pasco County Jail Transfer – Dated January 20, 2023 - lowotherBCC · FY 2023
SEFA not finalized; grant contract number verification not possible
Two active grants transferred to the County related to Jail operations: the Juvenile Assessment Center grant ($279,798.05) and the Promising Re-Entry grant (total budget $25,000, with $4,265.22 allocated as of September 30, 2022). Because the Schedule of Expenditures of Federal Awards (SEFA) was not finalized at the time of testing, verification of contract numbers could not be performed. No significant variance was noted in grant balances.
in: BCC: Pasco County Jail Transfer – Dated January 20, 2023 - lowpolicyCCC · FY 2023
Civil docket code list associated with List of 23 contained non-confidential codes
Of 102 Civil docket codes on the List of 23 reference list, seven (7%) were determined not to be confidential. During the audit, privacy level updates were made in Clericus for five of the seven codes. Codes such as 4142 (Order to Show Cause Guardianship), 8000 (Motion to Determine Confidentiality), 4623 (Notice of Confidential Information), 3401 (Confidential Sealed Order), and 1517 (Confidential Sealed Envelope) were found not to require confidential treatment.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Some Civil docket codes associated with List of 23 were inactive or unused
No documented policy or procedure required periodic review of docket codes. As a result, eight (8%) of the 102 Civil docket codes associated with the List of 23 were active but had either been replaced or not recently used, some not since 2003 or earlier. This created risk of erroneous use of obsolete codes.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Some Criminal docket codes related to List of 23 were unused
No documented policy requiring periodic review of docket code usage existed in Criminal. Three (8%) of 34 Criminal docket codes associated with the List of 23 were active but not frequently or recently used, including codes BEHS (not used since 2017), AFJT, and PCPB (neither used in Clericus or CJIS as of August 19, 2020).
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Criminal docket node spreadsheet lacked guidance for docket descriptions
The Criminal docket node spreadsheet did not provide guidance on when to include or exclude additional language in docket descriptions. As a result, docket descriptions for numerous images contained more information than the basic docket description. Policies and procedures related to the docket code review process were also not documented.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowevidenceCCC · FY 2023
One Criminal image of 361 tested was docketed incorrectly
One Criminal image was a Return of Service but was docketed with code NOFI (Notice of Filing) because the portal filer selected an incorrect docket code and the teammate did not correct it. The image description on the document and the docket description did not agree.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Records redaction and confidentiality scenario answer key lacked adequate detail
The existing scenario question answer key provided limited explanations for correct answers. Specific issues included: scenario 15.2 referencing confidentiality when statute required sealing; scenario 23 lacking guidance on why tattoo descriptions did not apply to defendants; scenario 39 being unclear that customers may only view redacted documents; and the number of legal authorities per scenario being unclear from the outset of the document.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Records scenario questions provided limited guidance to Civil and Criminal teammates
The redaction and confidentiality scenario questions were designed for the Records department but were intended to be distributed to Civil and Criminal teammates as well. Of the scenario questions, only two (numbers 13 and 41) were related to Criminal and Civil Courts, providing insufficient department-specific training guidance.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowdata accessCCC · FY 2023
Civil defendant incorrectly flagged as juvenile in Clericus
For one Civil image tested, the defendant/relevant party was not reflected on the Online Court Records Search because they were incorrectly marked as juvenile in Clericus. However, the party was born in 1965 and was not a juvenile. Management corrected the issue during the audit and the party's name was made available online.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
No policies existed for court documents written in foreign languages
No documented policies or procedures existed in Civil, Criminal, or Records for handling court documents written in a foreign language. During testing, one OnDemand image contained a plea form written in Spanish with an accompanying English translation, but there was limited documented guidance for teammates handling such documents to ensure confidential information was properly protected.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowevidenceCCC · FY 2023
Safe contained spare keys and evidence vault combinations unknown to management
During an unannounced cash count on 6/9/2022, the IG observed the contents of the safe at Dade City Official Records and found several spare/copy keys for other departments and a folder containing combinations for both evidence vaults. A Records Division Operations Supervisor stated on 6/28/2022 that they were unaware these items were stored in the safe. The HR Director also confirmed HR was unaware, and while HR tracked to whom combinations were distributed, it could not track where they were stored thereafter. The Records Assistant Director later advised on 12/5/2022 that the vault codes found were obsolete.
in: CCC: Unannounced Cash Counts - Dated February 28, 2023 - lowcash handlingBCC · FY 2023
Staff failed to request auditor photo identification
Staff at Land O' Lakes Central Permitting did not request to see the IG team's identification when auditors entered the cash area. BCC Inbound Financial Transactions Policy #400-17, Section II, Subsection C, Part 5, requires that visitors to any area where cash is held be verified by photo ID. This represents a compliance failure with an established security control.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowcash handlingBCC · FY 2023
Reconciled deposit left unsealed without completed deposit ticket
At Veterans Memorial Park, deposit procedures were not followed for the January 27, 2023 cash receipts. A deposit ticket was not completed and the plastic deposit bag was not sealed for a reconciled deposit. The Parks, Recreation, and Natural Resources Cash Check Receipt Policy requires that once the daily deposit is reconciled, the deposit ticket be completed and the deposit sealed in the bank-issued two-pocket plastic deposit bag.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowpolicyBCC · FY 2023
Change fund control form not updated after custodian separation
The control form on file with Financial Services for Land O' Lakes Heritage Park still reflected an employee who had separated from service as of November 21, 2022, at the time of the January 23, 2023 unannounced audit. The control form was not updated to reflect the current custodian until January 27, 2023, after the IG's visit, and the IG verified the updated form was subsequently filed with Financial Services.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowcash handlingBCC · FY 2023
Two CBA machine cash collections did not reconcile to reports
Coin Bill Acceptor (CBA) machine cash collections did not reconcile to the IT Cash Reconciliation Report at two library locations: New River Branch Library had a $2.80 shortage, and Starkey Ranch Library had a $0.85 overage. The discrepancies were not considered significant but indicated procedural and/or equipment issues with collection processes.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowotherBCC · FY 2023
Cashiers required to stand on box at drive-thru window
At the Utilities (Land O'Lakes) customer drive-thru window, cashiers were observed having to stand on a box in order to reach the service drawer. This practice creates a risk of falls and was noted as an unsafe work condition, though it fell outside the formal scope of the cash audit.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowotherBCC · FY 2023
Point-of-sale system non-functional at Dade City Armory
The point-of-sale (POS) system used to accept payments at the Dade City Armory did not function at the time of the audit. Despite the non-functional POS, a change fund was still being maintained at that location. This observation was outside the formal audit scope but was brought to management's attention.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowevidenceBCC · FY 2023
DAVID search queries not documented in associated case files
For 3 of 11 DAVID queries reviewed, the associated case file did not reflect the specific DAVID information that was queried, making it difficult to trace all queries to a legitimate business purpose.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - lowpolicyBCC · FY 2023
DAVID standard operating procedures outdated and missing required guidance
The DAVID SOP contained outdated and inconsistent information and lacked detailed guidance for certain MOU requirements, including: incorrect agency head, backup POC, and internal case system references; an attachment with outdated Florida Statute language; inconsistent five-year retention requirements for access forms; no requirement to generate a User by Agency Report from DAVID for comparison to the Division's user list; no designation of who is responsible for notifying the IG upon receipt of an FLHSMV attestation request; and no designation of who is responsible for notifying FLHSMV of changes in agency head, POC, or contact information.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - lowdata accessCCC · FY 2023
Unattended Workstations Allowed Incorrect Evidence Deletion Attribution
One evidence deletion in TrakMan was attributed to the wrong teammate because a shared computer was not locked before being left unattended. A second teammate performed the deletion while the computer remained logged in under the prior user's credentials. This resulted in inaccurate audit trail records in TrakMan.
in: CCC: Evidence Final Report - Dated December 8, 2023 - lowpolicyCCC · FY 2022
2021 Quarter 1 Review Selected Users With No DAVID Activity
For the 2021 Quarter 1 Review, the 10 randomly selected users had no DAVID activity or searches for the selected week. Reviewing user reports with no activity did not test for compliance and merely documented a lack of activity, rendering the quarterly review ineffective for that period.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - lowcash handlingBCC · FY 2022
SunWest Park change fund idle with staff unaware of it
Change fund CF-74 was established for SunWest Park on 2/1/2022, but park employees were unaware a change fund existed and had to contact the Park Operator by phone during the audit to locate it. The Park Operator confirmed the fund was not used in daily operations and had only been used once since issuance, reserved solely for large events requiring overflow parking. The fund was being held without active use or staff awareness, representing a weak internal control environment.
in: BCC: Unannounced Cash Counts – Dated December 13, 2022 - lowpolicyBCC · FY 2021
Minor discrepancies in quarterly DAVID activity review completion dates
The IG noted discrepancies regarding the completion dates for some of the quarterly DAVID user activity reviews required under MOU #HSMV-0444-16. Because monthly reviews were also conducted throughout the engagement period in compliance with department policies and procedures, the auditors considered these discrepancies minor. The matter was brought to management's attention rather than elevated as a formal finding.
in: BCC: DAVID Voluntary Termination – Dated March 9, 2021 - lowpersonnelCCC · FY 2021
Teammate file missing required acknowledgement forms and CPE documentation
One teammate's personnel file did not contain the required signed acknowledgement forms or proper documentation of professional continuing development. Specifically, the Mission Statement Acknowledgement Form and the Procedure Manual Acknowledgement Change Form (effective 10/01/2020) were signed by the teammate but never submitted to the Inspector General for counter-signature as required. Additionally, continuing professional education (CPE) hours were not tracked and certificates earned were not maintained in AutoAudit as required by internal policies and procedures.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
Policy and Procedure Manual outdated for time monitoring processes
The Department's Policy and Procedure Manual did not reflect current procedures for internal processes related to monitoring of time. The Audit Project Time Tracker, required by policy, was no longer being used because it was designed for a former teammate and was deemed obsolete, but the manual was never updated to remove the requirement. Audit Time Reports were generated periodically rather than weekly as required, and budget reassessment workpapers were not always completed at the end of each engagement phase as specified in policy.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
No documented procedures for continuous monitoring and post-engagement surveys
The Department Policy and Procedure Manual lacked detailed guidance for two processes effective October 1, 2020: verifying and reporting the continuous tracking of open recommendations and corrective actions, and the sending and receiving of post-engagement surveys. The absence of documented procedures risked inconsistent execution. Additionally, the engagement lead auditor was both sending and receiving completed post-engagement surveys, creating a lack of separation of duties.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
Budget amendment revision process inefficient due to email submission requirement
Per the Department's Procedure Manual, requests to revise the audit budget by more than 10% were required to be submitted to the Inspector General via email. The self-assessment determined that email submissions were less efficient and less substantiated compared to using the AutoAudit system, which offers built-in review and tracking features.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowcash handlingBCC · FY 2021
Locked inaccessible drawer found inside Land O' Lakes Library safe
On February 4, 2021, auditors discovered a locked drawer/compartment within the Land O' Lakes Library safe that could not be accessed because no key existed. The branch manager was unaware the drawer existed until auditors identified it. All safe compartments should be accessible at any time to ensure proper safeguarding of assets.
in: BCC: Unannounced Cash Count – Public Services and County Attorney – Dated May 18, 2021 - lowcash handlingBCC · FY 2021
Minor issues identified and immediately corrected by staff
During the unannounced cash counts, some minor issues were identified across the Public Infrastructure Branch locations. These issues were communicated to management on the spot and were immediately addressed by Public Infrastructure staff. The report does not detail the specific nature of these issues, and they were not deemed significant findings. No dollar discrepancies or policy violations were formally cited.
in: BCC: Unannounced Cash Count – Public Infrastructure – Dated June 9, 2021 - lowpolicyCCC · FY 2021
Civil List of 23 docket code list contained non-confidential codes
Of 102 Civil docket codes on the List of 23 reference list, seven (7%) were determined not to be confidential. During the audit, privacy level updates were made in Clericus for five of the seven codes. Two codes (1397 and 1579) related to name change cases were public record, and others such as codes 4142, 8000, 4623, 3401, and 1517 did not contain confidential information.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Eight active Civil List of 23 docket codes were unused or replaced
Of 102 Civil docket codes associated with the List of 23, eight (8%) were active but had either been replaced by other codes or had not been recently used, with some last used as far back as 2003. No documented policy requiring periodic review of docket code usage existed, creating a risk of codes being used in error.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Three active Criminal List of 23 docket codes were unused
Of 34 Criminal docket codes associated with the List of 23, three (8%) were active but not frequently used: BEHS (Behavior Summary) last used in 2017, AFJT (Amended Final Judgment of Termination of Parental Rights), and PCPB (Petition to Commit Minor to DCF For Adoption), the latter two not used in either Clericus or CJIS as of August 19, 2020. No policy required periodic review of code usage.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Criminal docket node spreadsheet lacked guidance for docket descriptions
The Criminal docket node spreadsheet did not provide guidance on when to include or exclude additional language in docket descriptions, resulting in numerous images containing more information than the basic docket description. Policies and procedures related to the docket code review process were also not documented.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowevidenceCCC · FY 2021
One Criminal image of 361 tested was docketed with incorrect code
One Criminal image tested — a Return of Service — was docketed using code NOFI (Notice of Filing), which did not match the actual document. The filing was received via the online portal with the incorrect docket code selected by the filer, and the code was not corrected by staff before docketing.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowdata accessCCC · FY 2021
One OnDemand image not made available to public in timely manner
Of 32 OnDemand images tested, one was requested for viewing on October 22 and again on October 30, 2020, but was not made available until management was notified on November 23, 2020 — over a month later. The delay was caused by an IT control error that incorrectly assigned a 'Courts 23 rule banner' to the image in Dr. Watson, resulting in over-restriction.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Records scenario question answer key lacked sufficient detail and guidance
The redaction and confidentiality scenario question answer key provided limited explanations. Specific deficiencies included: answer 15.2 described confidential status when the statute required sealed; answer 23 lacked explanation for why tattoo descriptions did not apply to defendants; answer 39 was unclear that customers could only view the redacted document; and the document did not clarify how many legal authorities applied to each scenario.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpersonnelCCC · FY 2021
Records scenario questions provided limited guidance to Civil and Criminal teammates
The redaction and confidentiality scenario questions were designed primarily for the Records Department, yet the materials were intended to be distributed to Civil and Criminal teammates as well. Only two of the scenario questions (numbers 13 and 41) were related to Criminal and Civil Courts.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowdata accessCCC · FY 2021
Civil defendant incorrectly flagged as juvenile in Clericus
For one Civil image included in testing, the defendant/relevant party born in 1965 was incorrectly marked as juvenile in Clericus, causing their name to not appear on the Online Court Records Search. Management corrected the issue during the audit and the party's name was made available online.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
No policies exist for handling court documents in foreign languages
Civil, Criminal, and Records had no documented policies or procedures for handling court documents written in a foreign language. During testing, one OnDemand image included a Plea form written in Spanish with an English translation also docketed, but teammates had limited documented guidance for reviewing such documents to ensure confidential information was not publicly released.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowevidenceCCC · FY 2021
Documentation of verified wills prior to destruction not fully remediated
The original audit found that documentation of deposited wills verified prior to destruction was not being maintained. The corrective action plan for this item was only partially completed as of the follow-up date, because no deposit wills had been destroyed since the original 2020-05 audit engagement. As a result, Civil management had not yet been able to finalize updates to the destruction procedures to ensure complete and accurate guidance.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - lowpolicyBCC · FY 2021
Extended Cycle Count Process Lacks Written Documentation
The existing Cycle Count Procedures did not document all key steps performed throughout the year. Management performed extended cycle counts using a turnover report generated around August for items with no usage, but this process was not captured in any written procedure. Undocumented procedures undermine consistency, compliance, and training capability.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - lowotherBCC · FY 2021
Inventory System Reflects Incorrect Bin Locations for Several Items
Of the 103 items tested at Embassy Warehouse, five items (5%) — #22003, #07007M, #82048, #500586, and #230112 — were located in a different area than reflected in the inventory system or could not be identified at all. Management stated the inventory had been reorganized due to spacing issues but the system was not updated at the time of the audit.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - lowpolicyBCC · FY 2020
POC Quarterly Monitoring Logs contained incorrect and duplicative information
The POC Quarterly Monitoring Logs contained incorrect information and appeared to duplicate the Quarterly Quality Control Review Report required by the MOU. Specific issues included: the log referenced supervisor field logs that Stormwater did not actually use; the log referred to an incorrect search code; and the log indicated that signed authorization forms for all users were verified quarterly, even though the POC could not locate those forms when requested.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - lowpolicyCCC · FY 2020
Documented verification frequency inconsistent with actual staff practice
The Deposit Will Verification procedure specified that verification was to occur weekly, every Friday. However, teammates interviewed stated that verification occurred within two to three days of receiving and entering the will into Clericus, and no one indicated they verified only on Fridays. The disconnect between the documented frequency and actual practice meant the written procedure did not accurately reflect or govern the workflow.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - other$6,942,527BCC · FY 2023
Inmate welfare fund balance confirmed transferred to BCC
Trial balances for the inmate welfare fund for September 30, 2022 and October 1, 2022 were reviewed. The balance of $6,942,527.55 was reflected as a transfer to the BCC on the Sheriff's trial balance. No significant variances were noted.
in: BCC: Pasco County Jail Transfer – Dated January 20, 2023 - otherBCC · FY 2023
Two capital assets not initially observed during physical testing
Of 44 capital and tangible asset items selected for physical existence verification, two items were not observed during initial testing. The existence of one asset was subsequently documented with a photograph, and the second asset was confirmed as disposed with supporting disposal documentation from the Jail. All other observed assets appeared to be in working condition.
in: BCC: Pasco County Jail Transfer – Dated January 20, 2023 - policyCCC · FY 2021
Noncompliance with deposit will procedures corrective action completed
The original audit identified instances of noncompliance with deposit will procedures. The follow-up review confirmed that the corrective action plan addressing this condition was fully completed by Civil management.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Incomplete documented policies and procedures corrective action completed
The original audit found that documented policies and procedures did not provide current, complete, or detailed guidance for some steps in the deposit will process. The follow-up confirmed this corrective action was completed, though portions of the original plan no longer applied or a compensating control was implemented.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Segregation of duties deficiency in verification process corrective action completed
The original audit found that segregation of duties was not effective for the deposit will verification process. The follow-up confirmed this corrective action was completed, with portions of the plan either no longer applicable or addressed through a compensating control.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Inconsistencies between DC and NPR corrective action completed
The original audit identified inconsistencies between the Downtown Courthouse (DC) and New Port Richey (NPR) locations regarding deposit will processes. The follow-up confirmed this corrective action was completed, with portions no longer applicable or compensating controls implemented.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Inconsistent deposit will verification requirement corrective action completed
The original audit found that the requirement for deposit will verification was not applied consistently throughout the office. The follow-up confirmed that the corrective action plan addressing this condition was fully completed.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - cash handlingBCC · FY 2020
Minor issues discussed informally with management and resolved
The IG noted some minor issues and recommendations during the unannounced cash counts of the Central Permitting Department's 16 cash drawers. These items were discussed directly with Development Services management and had been addressed by the time the report was finalized. No significant findings were formally documented or reported.
in: BCC: Change Fund Audit – Dated February 18, 2020