Clerk & Comptroller
Audit findings · policy
93 findings match the current filter. Sorted by severity, then dollar amount.
- highpolicyCCC · FY 2023
Civil Marchman Act filing type assigned incorrect public privacy level
One of 96 Civil test samples, a filing type 'Invol Asm Stab' associated with Marchman Act cases, was assigned a public privacy level in Clericus when it was required to be sealed under AO2017-064(II)(A)(9). Marchman Act case files and dockets must be sealed by the Clerk of the Circuit Court unless otherwise ordered by the court. Management immediately corrected the privacy level upon notification.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - highpolicyCCC · FY 2022
Majority of DAVID Searches for Audit Period Could Not Be Verified
Of the 1,660 DAVID searches conducted during the audit period, 955 (58%) could not be verified as proper, authorized, business-related searches. Reasons for unverifiability included incorrect purpose codes, missing case/citation numbers, incorrect case/citation numbers, inability to locate the searched person in Clericus, impound searches using names instead of tag numbers, verbally requested searches with no documentation, and deleted email documentation. Documented policies and procedures providing guidance for conducting verifiable searches were limited, and verbal search requests were not required to be documented.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - highpolicyCCC · FY 2020
Segregation of duties not enforced in deposit will verification process
At the Dade City location, the same person who inputted a deposit will into Clericus was permitted to verify their own work, provided they waited 24 hours, because the documented procedures did not explicitly require a separate teammate to perform verification. Additionally, the Deposit Will Verification procedure allowed the verifier to make corrections as necessary, which effectively eliminated the segregation of duty control over data entered by the intake clerk. These gaps created risk of undetected errors or irregularities in case records.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - mediumpolicy$750BCC · FY 2021
Undocumented cat trap rental program holding nine unprocessed customer checks
On February 2, 2021, auditors found a binder inside the Animal Services Adoption Center safe containing nine customer checks totaling $750 associated with an informal cat trap rental program. The program lacked documented policies and procedures; some customers received traps without a contract or deposit, checks dated as far back as late 2019 had not been processed even though associated traps were reportedly not returned, and one check had no associated contract. The program was operating without formal approval or oversight.
in: BCC: Unannounced Cash Count – Public Services and County Attorney – Dated May 18, 2021 - mediumpolicy$651BCC · FY 2022
Inventory adjustments lacked formal written request and approval process
Inventory adjustments made by lead inventory specialists were only verbally approved by management before entry into the EAM system. The IG could not verify that the combined 16 adjustments totaling $651.09 for the audit period were properly reviewed and approved because no supporting documentation existed. The absence of a formal written approval process increased the risk of unauthorized adjustments.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumpolicy$651BCC · FY 2021
Inventory Adjustments Lack Formal Written Approval Process
Inventory adjustments made by lead inventory specialists were only verbally approved by management before entry into the system. The IG could not verify that the combined 16 adjustments totaling $651.09 during the audit period were properly reviewed and approved, as no supporting documentation existed. This lack of documentation increases the risk of unauthorized adjustments.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - mediumpolicy$11CCC · FY 2021
Unauthorized and untracked items found in Official Records safe
The safe at Official Records in Dade City was found to contain an unprocessed check dated August 11, 2020, for $11 that management was unaware of — it had been misplaced in the safe for approximately three months and was returned to the customer as a result of the audit. The safe also contained a customer's driver license of unknown duration; management did not know what to do with it and had not notified their Director. No procedure existed for regular safe inspections or for handling customer-owned sensitive items found in the safe.
in: CCC: Unannounced Cash Count – Dated January 9, 2021 - mediumpolicyBCC · FY 2024
P-Card Policy Violations Not Enforced During Program Implementation
Of the 16,879 total P-Card transactions reviewed, 87 were not approved in accordance with the P-Card Policy, yet card users were still permitted to make charges. The P-Card Policy requires transactions to be processed by Fiscal teams within five business days of import into Munis. BCC personnel confirmed that during the initial implementation of the new card provider (J.P. Morgan Chase Bank) from January 16, 2024 through May 31, 2024, corrective actions by the P-Card Administrator for policy violations were not applied, with enforcement only beginning in June 2024.
in: BCC: Purchasing Card Transactions - Dated November 25, 2024 - mediumpolicyCCC · FY 2025
Change fund control forms not updated or missing
Departments did not always send updated control forms to Finance when cashier personnel changed, as required by FI-CF012. At the time of audit, two forms reflected outdated information (one Division Change Fund Control Form and one Custodian/Cashier Change Fund Control Form), and Custodian/Cashier Change Fund Control Forms did not exist for three custodians.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - mediumpolicyCCC · FY 2025
DAVID Procedures and Guidelines Incomplete, Outdated, or Undocumented
Multiple DAVID process procedures were not documented, were incomplete, or did not reflect current operations. Undocumented areas included: updating agency contact information in DAVID within 10 calendar days, monitoring restricted DAVID network folder access, assigning and reviewing user permission roles, assigning a back-up DAC for quarterly reviews, and guidance for conducting standard searches and logging out. The DAVID Quarterly Audit Guideline also lacked proper segregation of duties, complete search procedures, and updated case/citation verification processes.
in: CCC: DAVID Attestation- Dated July 28, 2025 - mediumpolicyBCC · FY 2024
Developer Credit Reconciliation Process Not Fully Followed
During process observations, two procedures were not performed in accordance with the Developer Credits Reconciliation SOP (Version No. 1.3). Specifically, the Additional Information tab on the Trust Account Balance spreadsheet did not include required columns titled Comments and Long String. Additionally, the monthly developer credit reconciliation was not emailed to all recipients listed in the SOP.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Trust Account Balance Not Updated in Accela Timely
A trust account balance was not updated in Accela in a timely manner. A trust account balance was reduced in Accela on December 12, 2023 for a credit reimbursement that had been issued on September 8, 2023 — a lag of over three months. The update process was manual, relying on flagged check request emails as reminders to reduce the balance once payment was issued by the Clerk & Comptroller's Finance Department.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
SOP for Developer Credit Transmittal Summary Contains Multiple Gaps
The Developer Credit Transmittal Summary SOP (Version No. 2.0) lacked detailed guidance across numerous areas, including: procedures for researching and correcting errors; timing requirements for submitting the summary to the Accountant II; guidance for answering the question about whether credits can be sold outside the development; criteria for mobility fee automation in Accela; defined roles for completing the summary; signature requirements; retention requirements; processing timeframes; secondary review requirements before submission to Fiscal; cross-references to related SOPs covering general ledger and trust account setup; detailed procedures for Accela automation setup; and detailed criteria for the Fiscal review step.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Developer Credits Reconciliation SOP Lacks Key Controls and Procedures
The Developer Credits Reconciliation SOP (Version No. 1.3) contained limited guidance and omitted several key controls: it did not require the preparer to sign and date the completed reconciliation; did not define roles for performing the reconciliation; lacked a contingency plan for alternate reconcilers; did not specify retention requirements; provided insufficient guidance for researching and correcting discrepancies; did not require a secondary review before submission to the Clerk's Finance Department; did not include controls for segregation of duties (the same individual processed trust account activity and performed the monthly reconciliation); and used individual names rather than position titles for email distribution, without identifying all required recipients.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Credit Loads and Transfers SOP Missing Multiple Procedural Controls
The Developer Credits – Credit Loads and Transfers SOP (Version No. 1.3) omitted key controls and guidance, including: defined roles for performing credit loads, transfers, and refunds/reimbursements; a requirement to verify trust account balances before processing refunds to confirm sufficient credit; defined timeframes for processing; guidance for ineligible requests; defined retention requirements; a specific citation to the applicable section of the Pasco County Land Development Code; and guidance for check requests and timely trust account balance updates upon refund/reimbursement.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyBCC · FY 2024
Trust Account/Credit Letter Processing SOP Lacks Key Controls
The Trust Account/Credit Letter Processing SOP (Version No. 3.0) did not require management approval before the Accounting Clerk deletes impact fees in Accela; did not provide standardized memo criteria or documentation requirements when credit letters and payments are returned for correction; did not include directives for storing original credit letters; and did not provide guidance for handling lost original credit letters.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - mediumpolicyCCC · FY 2024
Driver license reinstatements issued without meeting eligibility criteria
Of 198 combined cases tested, 9 cases had D6 clearances or ARDLs issued without verifying court costs, fines, and fees were paid in full, without confirming court requirements were met, or without having an accurate, completed, or signed payment plan docketed as required by internal policies. In some instances, teammates handling phone customers issued the clearance or ARDL at the time they mailed payment plan paperwork rather than after receipt of a signed agreement. Compliance with established criteria before issuing reinstatement documents is required by internal procedures and Florida Statute.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Inconsistent payment processing creates numerous unmatched reinstatement records
Inconsistencies in processing payments for payment plans and reinstating driver licenses resulted in 1,722 unmatched records across the D6 Transaction Report, ARDL Report, Payment Report, and Payment Plan Report. Issues included suspensions cleared without proper documentation, ARDLs issued to wrong case numbers, ARDL fees assessed but not collected or not applied, and 14 cases where the reason for the mismatch could not be determined. The ARDL report also lacked a data field to identify the teammate who issued the ARDL, limiting accountability.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Vague and inconsistent documented procedures for reinstatements and quality control
Documented policies and procedures related to the driver license reinstatement process, seven-year dismissals, and quality control review were vague, did not reflect current processes or all relevant steps, or did not exist. Key controls were not required or addressed in the documented procedures. Additionally, different locations (Dade City and New Port Richey) used different procedures, resulting in inconsistencies between departments in how reinstatements were processed and how quality control reviews were performed.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Compliance due dates in Clericus not always monitored or updated timely
Suspension letters and suspensions were not always processed in compliance with timeliness standards reflected in Clericus due dates. Compliance dates were not always entered into Clericus, as pre-conversion cases lacked compliance tabs unless manually added. Payment plans were not always reviewed timely to confirm good standing. Delays were partly attributable to the COVID-19 moratorium backlog on driver license suspensions from March 19, 2020, through January 7, 2021.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Satisfactions of Certified Judgments not docketed for 20 fully paid cases
Upon full payment of all outstanding court costs, fines, and fees, a Satisfaction of Judgment for Costs and Fees must be created, triggering Official Records via docket code SJCC. For 20 cases where all court costs, fines, and fees had been paid in full, a satisfaction was not docketed to the case, meaning Official Records was not properly notified to record the satisfaction.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2024
Backlog of seven-year dismissals from 2013 left unprocessed
Pursuant to a July 2, 1999 order by Judge Webb, license suspensions on cases outstanding for seven or more years must be recalled, canceled, and satisfied. At the time of audit, a backlog of seven-year dismissals dating to 2013 had not been reviewed, and management indicated these were processed only as time permitted, indicating a lack of timely, systematic processing.
in: CCC Driver License Reinstatements - Dated December 27, 2024 - mediumpolicyCCC · FY 2023
Comprehensive list of Civil docket codes associated with List of 23 did not exist
No comprehensive list of Civil docket codes related to the List of 23 existed prior to the initiation of the audit. The list was not provided in a timely manner and required multiple revisions after IG review. The initial verbal request was made June 5, 2020 and the final usable list was not provided until July 20, 2020. Without such a list, teammates lacked proper guidance to ensure images were docketed and maintained confidential in compliance with Rule 2.420.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Civil docket code for Child Abuse and Sexual Offences List of 23 item did not exist
No Civil docket code existed for records associated with item #13 on the List of 23 (child abuse and sexual offenses) as required under Rule 2.420. Civil instead used a specific case type for sexual violence protective injunctions and relied on teammates to manually mark documents as confidential, increasing the risk that confidential documents could be missed or improperly marked and made available to the public.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Civil docket descriptions online included more information than basic docket description
For 130 (26%) of 495 Civil images tested, the docket description on the public website included more information than the basic docket description in Clericus. Of these, 42 (32%) were sealed images. This was a legacy issue from the prior case management system (FACTS) when detailed descriptions were entered because images were not available online.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Comprehensive list of Criminal docket codes associated with List of 23 did not exist
No comprehensive list of Criminal docket codes related to the List of 23 existed prior to the audit. The list required four revisions after IG review and was not provided in a timely manner. Grand Jury indictment codes (INDT, INDC) were initially omitted. Some docket codes were shared between confidential and non-confidential documents, increasing risk of publicizing confidential records.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Criminal compensating controls for docket privacy not documented
For 60 Criminal images tested, case privacy levels were confidential but image and docket privacies were OnDemand and Public respectively. Compensating controls were in place (IT security matrix, VOR process, extensive training, case-level sealing/expunging) but none were formally documented in written policies or procedures, creating risk of inconsistent application.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyCCC · FY 2023
Records policies, procedures, and training materials required significant improvement
Existing Records training materials (Redaction and Confidentiality Guide, Scenario Questions, PowerPoint, Redaction Validation procedure) provided limited guidance and failed to address all key controls. Deficiencies included lack of full statute language, absence of envelope placement guidance, no explanation of case parties, insufficient escalation guidance, no glossary, undocumented queue authorization levels, and no requirement for supervisory approval to change a Courts 23 Rule in Dr. Watson.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - mediumpolicyBCC · FY 2023
Refunds lacked required supporting Sunbiz documentation per policy
Four of 40 refunds tested (10%) did not have proper supporting Sunbiz documentation as required by the Private Provider Refund Policy and Procedure. For one refund, the name on the Release, Satisfaction, and Settlement Agreement did not match the Sunbiz documentation on file. For three refunds, Sunbiz documents were requested by the IG but not included in management's response, suggesting the documentation did not exist at the time of the refund. Documents later provided by the Department bore an electronic date stamp of May 10, 2022, indicating they may have been created after the fact.
in: BCC: Development Services Private Provider Refunds - Dated June 30, 2023 - mediumpolicyBCC · FY 2023
FLHSMV not properly notified of agency head and POC changes
The MOU required changes in the agency head, POC, address, telephone number, and/or email address to be updated in DAVID within 10 calendar days of occurrence. FLHSMV was not properly notified when there was a change in the agency head and POC.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumpolicyBCC · FY 2023
Quarterly quality control review reports incomplete and improperly documented
The MOU required Quarterly Quality Control Review Reports (QQCRRs) to be completed within 10 days after the end of each quarter and maintained for two years. Two QQCRRs reflected zero users reviewed despite actual activity; one QQCRR was completed before the quarter ended; two QQCRRs reflected incorrect active user counts; required Quarterly User Reports and Quarterly Monitoring Review Reports were not completed; the POC did not notify the Public Works Assistant Director upon completion; and QQCRRs were not digitally signed by the Public Works Assistant Director.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumpolicyBCC · FY 2023
Monthly monitoring reports incomplete and lacking required approval signatures
The DAVID SOP required the POC to conduct monthly monitoring of all authorized users, complete Monthly Monitoring Reports, and submit them to the Public Works Assistant Director for review, approval, and digital signature. The Monthly Monitoring Reports provided for the audit period were incomplete, inaccurate, and lacked the required digital signature of the Public Works Assistant Director.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - mediumpolicyCCC · FY 2023
Certificates of Receipt for Evidence Procedure Manual Not Maintained
The Evidence Procedure Manual required teammates to sign and date a Certificate of Receipt confirming they received and read the manual. Signed Certificates of Receipt were not maintained for Civil and Criminal teammates who handled evidence and had access to Courthouse Evidence Vaults.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumpolicyCCC · FY 2023
Inconsistent Requirements for Evidence Procedure Manual Acknowledgment Receipts
The Evidence Procedure Manual required teammates to sign a Certificate of Receipt confirming they received and read the manual. Management responses revealed confusion across departments about which teammates were required to complete and submit the certificate. This inconsistency undermines the purpose of the acknowledgment as a compliance tool and creates gaps in documented evidence-procedure awareness.
in: CCC: Evidence Final Report - Dated December 8, 2023 - mediumpolicyCCC · FY 2022
DAVID Users Not Conducting Searches Per Policies and Procedures
Six of the 12 (50%) Criminal Courts DAVID users were consistently using incorrect purpose codes for their DAVID searches and/or were not including a case/citation number in their search during the audit period February 1, 2021 through February 1, 2022. Additionally, there were several instances where impound searches were conducted on names rather than plate numbers, contrary to the CR-CC066 procedure which required use of the '020 – Other' code, inclusion of the case/citation number, and plate-based impound searches.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumpolicyCCC · FY 2022
Internal Policies Did Not Fully Address All MOU Requirements
The documented policies and procedures for the DAVID system did not fully address all requirements from Sections IV(B), V, and VI of the MOU (HSMV-0615-19). Criminal Courts procedures failed to address 14 of the 24 applicable MOU requirements, and IT procedures failed to address 13 of the 24 requirements, leaving significant gaps in the internal control framework relative to the MOU's obligations.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumpolicyCCC · FY 2022
Quarterly Reviews Did Not Flag Improper Purpose Codes or Missing Citation Numbers
The procedures for conducting quarterly Quality Control Reviews did not specify what steps the POC should take upon identifying incorrect purpose codes or missing case/citation numbers. As a result, 72 of 95 (76%) DAVID searches reviewed in the 2021 Quarterly Quality Control Reviews did not use the '020 – Other' purpose code and/or lacked a case/citation number, yet management was never notified and no corrective action was taken.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - mediumpolicyBCC · FY 2022
Extended cycle count process not documented in SOPs
The existing Inventory Cycle Counts Procedures did not document the extended cycle count process performed on items with no usage. Management generated a turnover report near fiscal year-end (around August) to ensure all inventory items were counted, but this process lacked any written documentation. Undocumented procedures undermine consistency, training, and continuity of operations.
in: BCC: Utilities Warehouse Inventories Follow-up – Dated December 13, 2022 - mediumpolicyCCC · FY 2021
Civil Marchman Act filing type assigned incorrect public privacy level
A Civil filing type 'Invol Asm Stab' associated with Marchman Act cases was assigned a public privacy level in Clericus, when AO2017-064 required Marchman Act case files and dockets to be sealed. This was discovered in one of 96 test samples with a pending redaction status. Management responded immediately and corrected the privacy level prior to report publication.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Comprehensive list of Civil List of 23 docket codes did not exist
A comprehensive list of Civil docket codes related to the List of 23 did not exist prior to the audit. When requested, the list was not provided timely and required multiple revisions for completeness. Rule 2.420(d) requires the Clerk to designate and maintain confidentiality of court record information.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
No Civil docket code exists for Child Abuse and Sexual Offences category
No Civil docket code existed for records associated with item #13 (Child Abuse and Sexual Offences) on the List of 23. Civil used a specific case type for sexual violence protective injunctions and teammates manually marked documents as confidential, increasing the risk of confidential documents being made publicly available due to human error.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Civil online docket descriptions contained more detail than basic description
For 130 (26%) of 495 Civil images tested, the online docket description included more information than the basic docket description in Clericus. Of those 130, 42 (32%) were sealed images. This occurred because legacy FACTS procedures instructed teammates to enter detailed descriptions, and those entries were not reviewed when Clericus was implemented.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Comprehensive list of Criminal List of 23 docket codes did not exist
A comprehensive list of Criminal docket codes related to the List of 23 did not exist prior to the audit. The list required four revisions for completeness and was not provided timely. Additionally, Grand Jury indictment codes (INDT and INDC) were mistakenly removed from the list, and some codes were shared between confidential and non-confidential documents, increasing the risk of inadvertent public disclosure.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Criminal compensating internal controls for privacy misalignments not documented
For 60 Criminal images tested, case privacy levels were confidential while image and docket privacies were OnDemand and Public respectively. Compensating controls existed (IT security matrix, View on Request process, teammate training, and case-level sealing/expungement) but none were documented in written policies and procedures.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyCCC · FY 2021
Records training materials and policies insufficient for effective teammate performance
Existing Records training materials (Redaction and Confidentiality Guide, Scenario Questions, PowerPoint Presentation, and Redaction Validation procedure) contained limited guidance and did not address all key controls and procedures. Deficiencies included: insufficient Florida Statute guidance, missing instructions for envelope placement, no explanation of Parties to a case, limited escalation guidance, no glossary, undocumented queue authorization levels, and no secondary review required for Courts 23 rule changes in Dr. Watson.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - mediumpolicyBCC · FY 2021
Bin Location Changes Allow Undetected Inventory Misappropriation Risk
For two items (#31251 and #2424C) at Embassy Warehouse, bin locations were changed to 'as needed' prior to year-end, excluding them from inventory count sheets. Lead inventory specialists made these decisions without required management approval, and changes were not tracked or monitored. This creates a risk that County assets could be mismanaged or misappropriated without detection.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - mediumpolicyBCC · FY 2020
Authorization and Acknowledgement Forms not maintained or current
Completed Access Authorization Request and Acknowledgement of Penalties for Misuse forms were not current and could not be located. Original forms from 2016 were missing and had to be re-executed on November 18, 2019. Acknowledgement of Penalties for Misuse forms dated May 28, 2017 lacked supervisor signatures, a deficiency previously identified in audit #2016-05. Additionally, the acknowledgment form for the Auditor III who was granted DAVID access was not on file with the Division.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumpolicyBCC · FY 2020
DAVID Access Standard Operating Procedures not up-to-date
The DAVID Access SOPs had not been updated since April 20, 2016, and contained numerous deficiencies across multiple areas: incorrect titles for responsible personnel; missing requirements for authorization forms; outdated or absent procedures for user activation, deactivation, and monitoring; SOP attachments with incorrect information or no longer in use; procedures that did not match actual operating practices; missing guidance for securely inputting DAVID data into citations and storing documentation; and absence of MOU-required misuse reporting details and agency head certification requirements.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumpolicyBCC · FY 2020
FLHSMV not timely notified of agency head change
The FLHSMV was not notified of the change of agency head within the required 10 calendar days as mandated by MOU Section IV, Statement of Work, Subsection B(10). The former County Administrator retired and was replaced on May 1, 2017, but the FLHSMV was not notified until February 26, 2019 — nearly two years after the change occurred.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - mediumpolicyCCC · FY 2020
Staff noncompliance with deposit will intake procedures identified
At the Dade City location, intake clerks entered each decedent as a new person in the system rather than updating matching existing records with the date of death as required by the Deposit Will procedure. At the New Port Richey location, if a CP (probate) case for the decedent already existed, clerks placed the will directly into that case instead of creating a separate DW case as required. Both practices deviated from the documented intake procedure.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - mediumpolicyCCC · FY 2020
Policies and procedures incomplete and missing key process steps
The existing policies and procedures for deposit will intake, verification, and probating processes contained limited guidance and did not reflect numerous key steps observed and described by the Probate team. Missing documentation spanned the intake stage (e.g., verifying will originality, handling mailed wills lacking required information), the docketing stage (e.g., who is responsible for scanning, combining pages, checking in images), the verification stage (e.g., envelope labeling, barcode affixing, error discussion with intake clerk), and the post-deposit will process (e.g., associating DW and CP cases, recording with Official Records, handling ancillary documents). Without comprehensive procedures, consistent and correct handling of wills across teammates and locations could not be assured.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - mediumpolicyCCC · FY 2020
Processing inconsistencies identified between Dade City and New Port Richey locations
Multiple operational inconsistencies were found between the two Probate locations. For wills received by mail without required information, Dade City returned the will to the sender while New Port Richey held it in a department safe. For verification documentation, Dade City used docket code 1567 in Clericus while New Port Richey did not use any docket code. Dade City imposed a 24-hour wait before verification while New Port Richey had no such waiting requirement. For case linking, Dade City linked caveat or trust-related case numbers while New Port Richey linked only the DW case to the new CP case. For will transfers, Dade City saved and uploaded a PDF to the File and Serve system while New Port Richey uploaded the image directly from the DW case to the CP case in Clericus.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - lowpolicy$23BCC · FY 2020
Unsigned credit card receipt found at Land O' Lakes Library
On January 29, 2020, an unsigned credit card receipt in the amount of $22.75, dated January 10, was found stored in the safe at the Land O' Lakes Library. Branch staff were unaware of procedures for handling unsigned receipts. The credit card charge had been included in a deposit submitted to Financial Services, and management was attempting to contact the cardholder.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - lowpolicyBCC · FY 2024
P-Card Policies and Procedures Not Fully Formalized
Although the BCC had adequate P-Card policies and procedures in place, not all procedures were incorporated into the formal P-Card Policy document. Specifically, procedures related to the timeline for when P-Cards are suspended and the reactivation process were absent from the written policy. The lack of a single complete document increases the risk that personnel may not follow or consistently apply all required procedures.
in: BCC: Purchasing Card Transactions - Dated November 25, 2024 - lowpolicyCCC · FY 2025
No lost and found procedures for valuable or sensitive items
On July 15, 2024, the IG found a debit card stored in a safe that a citizen had left at a service window in October 2023—approximately nine months prior. The Operations Supervisor was uncertain of the process for returning such items. The card was returned to the issuing bank the same day the IG identified it. No officewide policy existed for receiving, storing, documenting, and returning lost valuable or sensitive items.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Cashiers not notified when supervisors process transaction voids
A void appeared on one drawer's Daily Receipt Recap Details report, but the cashier had no documentation and was unaware of it. Only leads and supervisors can process voids in the cashiering system; the Operations Lead voided a transaction identified during quality review without informing the cashier. No officewide policy addressed communication of voids to affected cashiers.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
No document version control process for control form templates
The Division Change Fund Control Form on file for one division was a different version than the one published on Office Net at the time of audit, making it unclear which version was correct. No formal version control process existed to track and manage revisions to change fund control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Inconsistent signature formats on change fund control forms
Signature formats on Custodian/Cashier Change Fund Control Forms were not consistent; some had wet signatures, others had digital signatures, and others had only typed names on signature lines. No officewide policy specified acceptable signature types for control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Control forms signed without proper delegation of authority
Control forms did not consistently reflect proper delegation of authority: leads signed for supervisors and managers, assistant directors signed for directors, and in one instance the Operations Supervisor signed on behalf of the cashier/custodian. No formal signature delegation process existed for change fund control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
DAVID Searches Missing Required Reason Codes
The DAVID Quarterly Audit Guideline requires a reason code to be entered for every search performed. Of 67 DAVID searches reviewed during testing, four searches by one user included a case or citation number but lacked a required reason code. The auditor confirmed all four searches were for valid business purposes.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2025
DAVID Access Authorization Request Form Lists Incorrect Department
One DAVID Access Authorization Request Form on file was not updated to reflect the teammate's correct department, representing an inaccuracy in the official access control documentation maintained by the Office.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2025
Fragmented DAVID Guidance and Lack of Policy Management Software
Criminal and IT departments maintained independent versions of DAVID audit procedures; Criminal's older documents were confirmed obsolete but some Criminal users remained unaware of current documented procedures. Updates to DAVID procedures were communicated informally through Criminal Department Bulletins (CDBs) rather than being promptly reflected in formal procedure documents.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2024
Inconsistent documentation of custody for assigned change funds
Practices for documenting custody of assigned change funds were inconsistent across divisions. One change fund had multiple Division Change Fund Control Forms bearing the same date but signed by different individuals as supervisor/designee. In another instance, a supervisor signed both the Division Change Fund Control Form and the Custodian/Cashier Change Fund Control Form as custodian/cashier and supervisor/designee for a fund split among six cashier drawers and two cash boxes, without obtaining signatures from the individual cashiers, undermining individual accountability. Additionally, the distribution totals on Custodian/Cashier Change Fund Control Forms did not always agree with the corresponding Division Change Fund Control Form.
in: CCC: Unannounced Cash Verification - Dated May 14, 2024 - lowpolicyBCC · FY 2024
Outdated Control Form Used; Updated Form Not Filed with General Ledger
When a change fund was reopened, an outdated version of the BCC Change Fund Control Form was used instead of the current March 2023 revision. As a result, the updated control form was not on file with the Financial Services General Ledger Division. The department indicated it was unaware that a revised form had been issued, as the updated version had not been distributed to BCC Fiscal Teams or posted to the County intranet.
in: BCC: Unannounced Cash Verification - Dated June 25, 2024 - lowpolicyBCC · FY 2024
Developer Credit Transmittal Summary Checkbox Options Ambiguous
Responses to certain questions on the Developer Credit Transmittal Summary were ambiguous because only Yes or No checkboxes were available. Some answers required a Not Applicable response, which was not an option, causing staff to check No instead, creating potential for misinterpretation of the record.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - lowpolicyCCC · FY 2023
Civil docket code list associated with List of 23 contained non-confidential codes
Of 102 Civil docket codes on the List of 23 reference list, seven (7%) were determined not to be confidential. During the audit, privacy level updates were made in Clericus for five of the seven codes. Codes such as 4142 (Order to Show Cause Guardianship), 8000 (Motion to Determine Confidentiality), 4623 (Notice of Confidential Information), 3401 (Confidential Sealed Order), and 1517 (Confidential Sealed Envelope) were found not to require confidential treatment.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Some Civil docket codes associated with List of 23 were inactive or unused
No documented policy or procedure required periodic review of docket codes. As a result, eight (8%) of the 102 Civil docket codes associated with the List of 23 were active but had either been replaced or not recently used, some not since 2003 or earlier. This created risk of erroneous use of obsolete codes.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Some Criminal docket codes related to List of 23 were unused
No documented policy requiring periodic review of docket code usage existed in Criminal. Three (8%) of 34 Criminal docket codes associated with the List of 23 were active but not frequently or recently used, including codes BEHS (not used since 2017), AFJT, and PCPB (neither used in Clericus or CJIS as of August 19, 2020).
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Criminal docket node spreadsheet lacked guidance for docket descriptions
The Criminal docket node spreadsheet did not provide guidance on when to include or exclude additional language in docket descriptions. As a result, docket descriptions for numerous images contained more information than the basic docket description. Policies and procedures related to the docket code review process were also not documented.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Records redaction and confidentiality scenario answer key lacked adequate detail
The existing scenario question answer key provided limited explanations for correct answers. Specific issues included: scenario 15.2 referencing confidentiality when statute required sealing; scenario 23 lacking guidance on why tattoo descriptions did not apply to defendants; scenario 39 being unclear that customers may only view redacted documents; and the number of legal authorities per scenario being unclear from the outset of the document.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Records scenario questions provided limited guidance to Civil and Criminal teammates
The redaction and confidentiality scenario questions were designed for the Records department but were intended to be distributed to Civil and Criminal teammates as well. Of the scenario questions, only two (numbers 13 and 41) were related to Criminal and Civil Courts, providing insufficient department-specific training guidance.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
No policies existed for court documents written in foreign languages
No documented policies or procedures existed in Civil, Criminal, or Records for handling court documents written in a foreign language. During testing, one OnDemand image contained a plea form written in Spanish with an accompanying English translation, but there was limited documented guidance for teammates handling such documents to ensure confidential information was properly protected.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyBCC · FY 2023
Change fund control form not updated after custodian separation
The control form on file with Financial Services for Land O' Lakes Heritage Park still reflected an employee who had separated from service as of November 21, 2022, at the time of the January 23, 2023 unannounced audit. The control form was not updated to reflect the current custodian until January 27, 2023, after the IG's visit, and the IG verified the updated form was subsequently filed with Financial Services.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowpolicyBCC · FY 2023
DAVID standard operating procedures outdated and missing required guidance
The DAVID SOP contained outdated and inconsistent information and lacked detailed guidance for certain MOU requirements, including: incorrect agency head, backup POC, and internal case system references; an attachment with outdated Florida Statute language; inconsistent five-year retention requirements for access forms; no requirement to generate a User by Agency Report from DAVID for comparison to the Division's user list; no designation of who is responsible for notifying the IG upon receipt of an FLHSMV attestation request; and no designation of who is responsible for notifying FLHSMV of changes in agency head, POC, or contact information.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - lowpolicyCCC · FY 2022
2021 Quarter 1 Review Selected Users With No DAVID Activity
For the 2021 Quarter 1 Review, the 10 randomly selected users had no DAVID activity or searches for the selected week. Reviewing user reports with no activity did not test for compliance and merely documented a lack of activity, rendering the quarterly review ineffective for that period.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - lowpolicyBCC · FY 2021
Minor discrepancies in quarterly DAVID activity review completion dates
The IG noted discrepancies regarding the completion dates for some of the quarterly DAVID user activity reviews required under MOU #HSMV-0444-16. Because monthly reviews were also conducted throughout the engagement period in compliance with department policies and procedures, the auditors considered these discrepancies minor. The matter was brought to management's attention rather than elevated as a formal finding.
in: BCC: DAVID Voluntary Termination – Dated March 9, 2021 - lowpolicyCCC · FY 2021
Policy and Procedure Manual outdated for time monitoring processes
The Department's Policy and Procedure Manual did not reflect current procedures for internal processes related to monitoring of time. The Audit Project Time Tracker, required by policy, was no longer being used because it was designed for a former teammate and was deemed obsolete, but the manual was never updated to remove the requirement. Audit Time Reports were generated periodically rather than weekly as required, and budget reassessment workpapers were not always completed at the end of each engagement phase as specified in policy.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
No documented procedures for continuous monitoring and post-engagement surveys
The Department Policy and Procedure Manual lacked detailed guidance for two processes effective October 1, 2020: verifying and reporting the continuous tracking of open recommendations and corrective actions, and the sending and receiving of post-engagement surveys. The absence of documented procedures risked inconsistent execution. Additionally, the engagement lead auditor was both sending and receiving completed post-engagement surveys, creating a lack of separation of duties.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
Budget amendment revision process inefficient due to email submission requirement
Per the Department's Procedure Manual, requests to revise the audit budget by more than 10% were required to be submitted to the Inspector General via email. The self-assessment determined that email submissions were less efficient and less substantiated compared to using the AutoAudit system, which offers built-in review and tracking features.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
Civil List of 23 docket code list contained non-confidential codes
Of 102 Civil docket codes on the List of 23 reference list, seven (7%) were determined not to be confidential. During the audit, privacy level updates were made in Clericus for five of the seven codes. Two codes (1397 and 1579) related to name change cases were public record, and others such as codes 4142, 8000, 4623, 3401, and 1517 did not contain confidential information.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Eight active Civil List of 23 docket codes were unused or replaced
Of 102 Civil docket codes associated with the List of 23, eight (8%) were active but had either been replaced by other codes or had not been recently used, with some last used as far back as 2003. No documented policy requiring periodic review of docket code usage existed, creating a risk of codes being used in error.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Three active Criminal List of 23 docket codes were unused
Of 34 Criminal docket codes associated with the List of 23, three (8%) were active but not frequently used: BEHS (Behavior Summary) last used in 2017, AFJT (Amended Final Judgment of Termination of Parental Rights), and PCPB (Petition to Commit Minor to DCF For Adoption), the latter two not used in either Clericus or CJIS as of August 19, 2020. No policy required periodic review of code usage.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Criminal docket node spreadsheet lacked guidance for docket descriptions
The Criminal docket node spreadsheet did not provide guidance on when to include or exclude additional language in docket descriptions, resulting in numerous images containing more information than the basic docket description. Policies and procedures related to the docket code review process were also not documented.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Records scenario question answer key lacked sufficient detail and guidance
The redaction and confidentiality scenario question answer key provided limited explanations. Specific deficiencies included: answer 15.2 described confidential status when the statute required sealed; answer 23 lacked explanation for why tattoo descriptions did not apply to defendants; answer 39 was unclear that customers could only view the redacted document; and the document did not clarify how many legal authorities applied to each scenario.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
No policies exist for handling court documents in foreign languages
Civil, Criminal, and Records had no documented policies or procedures for handling court documents written in a foreign language. During testing, one OnDemand image included a Plea form written in Spanish with an English translation also docketed, but teammates had limited documented guidance for reviewing such documents to ensure confidential information was not publicly released.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyBCC · FY 2021
Extended Cycle Count Process Lacks Written Documentation
The existing Cycle Count Procedures did not document all key steps performed throughout the year. Management performed extended cycle counts using a turnover report generated around August for items with no usage, but this process was not captured in any written procedure. Undocumented procedures undermine consistency, compliance, and training capability.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - lowpolicyBCC · FY 2020
POC Quarterly Monitoring Logs contained incorrect and duplicative information
The POC Quarterly Monitoring Logs contained incorrect information and appeared to duplicate the Quarterly Quality Control Review Report required by the MOU. Specific issues included: the log referenced supervisor field logs that Stormwater did not actually use; the log referred to an incorrect search code; and the log indicated that signed authorization forms for all users were verified quarterly, even though the POC could not locate those forms when requested.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - lowpolicyCCC · FY 2020
Documented verification frequency inconsistent with actual staff practice
The Deposit Will Verification procedure specified that verification was to occur weekly, every Friday. However, teammates interviewed stated that verification occurred within two to three days of receiving and entering the will into Clericus, and no one indicated they verified only on Fridays. The disconnect between the documented frequency and actual practice meant the written procedure did not accurately reflect or govern the workflow.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020 - policyCCC · FY 2021
Noncompliance with deposit will procedures corrective action completed
The original audit identified instances of noncompliance with deposit will procedures. The follow-up review confirmed that the corrective action plan addressing this condition was fully completed by Civil management.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Incomplete documented policies and procedures corrective action completed
The original audit found that documented policies and procedures did not provide current, complete, or detailed guidance for some steps in the deposit will process. The follow-up confirmed this corrective action was completed, though portions of the original plan no longer applied or a compensating control was implemented.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Segregation of duties deficiency in verification process corrective action completed
The original audit found that segregation of duties was not effective for the deposit will verification process. The follow-up confirmed this corrective action was completed, with portions of the plan either no longer applicable or addressed through a compensating control.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Inconsistencies between DC and NPR corrective action completed
The original audit identified inconsistencies between the Downtown Courthouse (DC) and New Port Richey (NPR) locations regarding deposit will processes. The follow-up confirmed this corrective action was completed, with portions no longer applicable or compensating controls implemented.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021 - policyCCC · FY 2021
Inconsistent deposit will verification requirement corrective action completed
The original audit found that the requirement for deposit will verification was not applied consistently throughout the office. The follow-up confirmed that the corrective action plan addressing this condition was fully completed.
in: CCC: 2020-05 Deposit Will Follow-up Memo – Dated August 5, 2021