Clerk & Comptroller
Audit findings · Low · policy
36 findings match the current filter. Sorted by severity, then dollar amount.
- lowpolicy$23BCC · FY 2020
Unsigned credit card receipt found at Land O' Lakes Library
On January 29, 2020, an unsigned credit card receipt in the amount of $22.75, dated January 10, was found stored in the safe at the Land O' Lakes Library. Branch staff were unaware of procedures for handling unsigned receipts. The credit card charge had been included in a deposit submitted to Financial Services, and management was attempting to contact the cardholder.
in: BCC: Change and Petty Cash Fund Audit – Dated June 2, 2020 - lowpolicyBCC · FY 2024
P-Card Policies and Procedures Not Fully Formalized
Although the BCC had adequate P-Card policies and procedures in place, not all procedures were incorporated into the formal P-Card Policy document. Specifically, procedures related to the timeline for when P-Cards are suspended and the reactivation process were absent from the written policy. The lack of a single complete document increases the risk that personnel may not follow or consistently apply all required procedures.
in: BCC: Purchasing Card Transactions - Dated November 25, 2024 - lowpolicyCCC · FY 2025
No lost and found procedures for valuable or sensitive items
On July 15, 2024, the IG found a debit card stored in a safe that a citizen had left at a service window in October 2023—approximately nine months prior. The Operations Supervisor was uncertain of the process for returning such items. The card was returned to the issuing bank the same day the IG identified it. No officewide policy existed for receiving, storing, documenting, and returning lost valuable or sensitive items.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Cashiers not notified when supervisors process transaction voids
A void appeared on one drawer's Daily Receipt Recap Details report, but the cashier had no documentation and was unaware of it. Only leads and supervisors can process voids in the cashiering system; the Operations Lead voided a transaction identified during quality review without informing the cashier. No officewide policy addressed communication of voids to affected cashiers.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
No document version control process for control form templates
The Division Change Fund Control Form on file for one division was a different version than the one published on Office Net at the time of audit, making it unclear which version was correct. No formal version control process existed to track and manage revisions to change fund control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Inconsistent signature formats on change fund control forms
Signature formats on Custodian/Cashier Change Fund Control Forms were not consistent; some had wet signatures, others had digital signatures, and others had only typed names on signature lines. No officewide policy specified acceptable signature types for control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
Control forms signed without proper delegation of authority
Control forms did not consistently reflect proper delegation of authority: leads signed for supervisors and managers, assistant directors signed for directors, and in one instance the Operations Supervisor signed on behalf of the cashier/custodian. No formal signature delegation process existed for change fund control forms.
in: CCC: Unannounced Cash Verification - Dated May 5, 2025 - lowpolicyCCC · FY 2025
DAVID Searches Missing Required Reason Codes
The DAVID Quarterly Audit Guideline requires a reason code to be entered for every search performed. Of 67 DAVID searches reviewed during testing, four searches by one user included a case or citation number but lacked a required reason code. The auditor confirmed all four searches were for valid business purposes.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2025
DAVID Access Authorization Request Form Lists Incorrect Department
One DAVID Access Authorization Request Form on file was not updated to reflect the teammate's correct department, representing an inaccuracy in the official access control documentation maintained by the Office.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2025
Fragmented DAVID Guidance and Lack of Policy Management Software
Criminal and IT departments maintained independent versions of DAVID audit procedures; Criminal's older documents were confirmed obsolete but some Criminal users remained unaware of current documented procedures. Updates to DAVID procedures were communicated informally through Criminal Department Bulletins (CDBs) rather than being promptly reflected in formal procedure documents.
in: CCC: DAVID Attestation- Dated July 28, 2025 - lowpolicyCCC · FY 2024
Inconsistent documentation of custody for assigned change funds
Practices for documenting custody of assigned change funds were inconsistent across divisions. One change fund had multiple Division Change Fund Control Forms bearing the same date but signed by different individuals as supervisor/designee. In another instance, a supervisor signed both the Division Change Fund Control Form and the Custodian/Cashier Change Fund Control Form as custodian/cashier and supervisor/designee for a fund split among six cashier drawers and two cash boxes, without obtaining signatures from the individual cashiers, undermining individual accountability. Additionally, the distribution totals on Custodian/Cashier Change Fund Control Forms did not always agree with the corresponding Division Change Fund Control Form.
in: CCC: Unannounced Cash Verification - Dated May 14, 2024 - lowpolicyBCC · FY 2024
Outdated Control Form Used; Updated Form Not Filed with General Ledger
When a change fund was reopened, an outdated version of the BCC Change Fund Control Form was used instead of the current March 2023 revision. As a result, the updated control form was not on file with the Financial Services General Ledger Division. The department indicated it was unaware that a revised form had been issued, as the updated version had not been distributed to BCC Fiscal Teams or posted to the County intranet.
in: BCC: Unannounced Cash Verification - Dated June 25, 2024 - lowpolicyBCC · FY 2024
Developer Credit Transmittal Summary Checkbox Options Ambiguous
Responses to certain questions on the Developer Credit Transmittal Summary were ambiguous because only Yes or No checkboxes were available. Some answers required a Not Applicable response, which was not an option, causing staff to check No instead, creating potential for misinterpretation of the record.
in: BCC: Developer Credits Policies and Procedures- Dated July 30, 2024 - lowpolicyCCC · FY 2023
Civil docket code list associated with List of 23 contained non-confidential codes
Of 102 Civil docket codes on the List of 23 reference list, seven (7%) were determined not to be confidential. During the audit, privacy level updates were made in Clericus for five of the seven codes. Codes such as 4142 (Order to Show Cause Guardianship), 8000 (Motion to Determine Confidentiality), 4623 (Notice of Confidential Information), 3401 (Confidential Sealed Order), and 1517 (Confidential Sealed Envelope) were found not to require confidential treatment.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Some Civil docket codes associated with List of 23 were inactive or unused
No documented policy or procedure required periodic review of docket codes. As a result, eight (8%) of the 102 Civil docket codes associated with the List of 23 were active but had either been replaced or not recently used, some not since 2003 or earlier. This created risk of erroneous use of obsolete codes.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Some Criminal docket codes related to List of 23 were unused
No documented policy requiring periodic review of docket code usage existed in Criminal. Three (8%) of 34 Criminal docket codes associated with the List of 23 were active but not frequently or recently used, including codes BEHS (not used since 2017), AFJT, and PCPB (neither used in Clericus or CJIS as of August 19, 2020).
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Criminal docket node spreadsheet lacked guidance for docket descriptions
The Criminal docket node spreadsheet did not provide guidance on when to include or exclude additional language in docket descriptions. As a result, docket descriptions for numerous images contained more information than the basic docket description. Policies and procedures related to the docket code review process were also not documented.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Records redaction and confidentiality scenario answer key lacked adequate detail
The existing scenario question answer key provided limited explanations for correct answers. Specific issues included: scenario 15.2 referencing confidentiality when statute required sealing; scenario 23 lacking guidance on why tattoo descriptions did not apply to defendants; scenario 39 being unclear that customers may only view redacted documents; and the number of legal authorities per scenario being unclear from the outset of the document.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
Records scenario questions provided limited guidance to Civil and Criminal teammates
The redaction and confidentiality scenario questions were designed for the Records department but were intended to be distributed to Civil and Criminal teammates as well. Of the scenario questions, only two (numbers 13 and 41) were related to Criminal and Civil Courts, providing insufficient department-specific training guidance.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyCCC · FY 2023
No policies existed for court documents written in foreign languages
No documented policies or procedures existed in Civil, Criminal, or Records for handling court documents written in a foreign language. During testing, one OnDemand image contained a plea form written in Spanish with an accompanying English translation, but there was limited documented guidance for teammates handling such documents to ensure confidential information was properly protected.
in: CCC Docket Image Privacy Follow-Up - Final Report dated February 14 2023 - lowpolicyBCC · FY 2023
Change fund control form not updated after custodian separation
The control form on file with Financial Services for Land O' Lakes Heritage Park still reflected an employee who had separated from service as of November 21, 2022, at the time of the January 23, 2023 unannounced audit. The control form was not updated to reflect the current custodian until January 27, 2023, after the IG's visit, and the IG verified the updated form was subsequently filed with Financial Services.
in: BCC: Unannounced Cash Verification - Dated August 2, 2023 - lowpolicyBCC · FY 2023
DAVID standard operating procedures outdated and missing required guidance
The DAVID SOP contained outdated and inconsistent information and lacked detailed guidance for certain MOU requirements, including: incorrect agency head, backup POC, and internal case system references; an attachment with outdated Florida Statute language; inconsistent five-year retention requirements for access forms; no requirement to generate a User by Agency Report from DAVID for comparison to the Division's user list; no designation of who is responsible for notifying the IG upon receipt of an FLHSMV attestation request; and no designation of who is responsible for notifying FLHSMV of changes in agency head, POC, or contact information.
in: BCC: Stormwater DAVID Contract Attestation - Dated November 13, 2023 - lowpolicyCCC · FY 2022
2021 Quarter 1 Review Selected Users With No DAVID Activity
For the 2021 Quarter 1 Review, the 10 randomly selected users had no DAVID activity or searches for the selected week. Reviewing user reports with no activity did not test for compliance and merely documented a lack of activity, rendering the quarterly review ineffective for that period.
in: CCC: DAVID Attestation-Admin - Dated July 12, 2022 - lowpolicyBCC · FY 2021
Minor discrepancies in quarterly DAVID activity review completion dates
The IG noted discrepancies regarding the completion dates for some of the quarterly DAVID user activity reviews required under MOU #HSMV-0444-16. Because monthly reviews were also conducted throughout the engagement period in compliance with department policies and procedures, the auditors considered these discrepancies minor. The matter was brought to management's attention rather than elevated as a formal finding.
in: BCC: DAVID Voluntary Termination – Dated March 9, 2021 - lowpolicyCCC · FY 2021
Policy and Procedure Manual outdated for time monitoring processes
The Department's Policy and Procedure Manual did not reflect current procedures for internal processes related to monitoring of time. The Audit Project Time Tracker, required by policy, was no longer being used because it was designed for a former teammate and was deemed obsolete, but the manual was never updated to remove the requirement. Audit Time Reports were generated periodically rather than weekly as required, and budget reassessment workpapers were not always completed at the end of each engagement phase as specified in policy.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
No documented procedures for continuous monitoring and post-engagement surveys
The Department Policy and Procedure Manual lacked detailed guidance for two processes effective October 1, 2020: verifying and reporting the continuous tracking of open recommendations and corrective actions, and the sending and receiving of post-engagement surveys. The absence of documented procedures risked inconsistent execution. Additionally, the engagement lead auditor was both sending and receiving completed post-engagement surveys, creating a lack of separation of duties.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
Budget amendment revision process inefficient due to email submission requirement
Per the Department's Procedure Manual, requests to revise the audit budget by more than 10% were required to be submitted to the Inspector General via email. The self-assessment determined that email submissions were less efficient and less substantiated compared to using the AutoAudit system, which offers built-in review and tracking features.
in: Department of Inspector General 2021 Internal Quality Self-Assessment Final Report - lowpolicyCCC · FY 2021
Civil List of 23 docket code list contained non-confidential codes
Of 102 Civil docket codes on the List of 23 reference list, seven (7%) were determined not to be confidential. During the audit, privacy level updates were made in Clericus for five of the seven codes. Two codes (1397 and 1579) related to name change cases were public record, and others such as codes 4142, 8000, 4623, 3401, and 1517 did not contain confidential information.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Eight active Civil List of 23 docket codes were unused or replaced
Of 102 Civil docket codes associated with the List of 23, eight (8%) were active but had either been replaced by other codes or had not been recently used, with some last used as far back as 2003. No documented policy requiring periodic review of docket code usage existed, creating a risk of codes being used in error.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Three active Criminal List of 23 docket codes were unused
Of 34 Criminal docket codes associated with the List of 23, three (8%) were active but not frequently used: BEHS (Behavior Summary) last used in 2017, AFJT (Amended Final Judgment of Termination of Parental Rights), and PCPB (Petition to Commit Minor to DCF For Adoption), the latter two not used in either Clericus or CJIS as of August 19, 2020. No policy required periodic review of code usage.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Criminal docket node spreadsheet lacked guidance for docket descriptions
The Criminal docket node spreadsheet did not provide guidance on when to include or exclude additional language in docket descriptions, resulting in numerous images containing more information than the basic docket description. Policies and procedures related to the docket code review process were also not documented.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
Records scenario question answer key lacked sufficient detail and guidance
The redaction and confidentiality scenario question answer key provided limited explanations. Specific deficiencies included: answer 15.2 described confidential status when the statute required sealed; answer 23 lacked explanation for why tattoo descriptions did not apply to defendants; answer 39 was unclear that customers could only view the redacted document; and the document did not clarify how many legal authorities applied to each scenario.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyCCC · FY 2021
No policies exist for handling court documents in foreign languages
Civil, Criminal, and Records had no documented policies or procedures for handling court documents written in a foreign language. During testing, one OnDemand image included a Plea form written in Spanish with an English translation also docketed, but teammates had limited documented guidance for reviewing such documents to ensure confidential information was not publicly released.
in: CCC: 2020-09 Docket & Image Privacy – Dated August 4, 2021 - lowpolicyBCC · FY 2021
Extended Cycle Count Process Lacks Written Documentation
The existing Cycle Count Procedures did not document all key steps performed throughout the year. Management performed extended cycle counts using a turnover report generated around August for items with no usage, but this process was not captured in any written procedure. Undocumented procedures undermine consistency, compliance, and training capability.
in: BCC: Utilities Warehouse Inventories – Dated December 20, 2021 - lowpolicyBCC · FY 2020
POC Quarterly Monitoring Logs contained incorrect and duplicative information
The POC Quarterly Monitoring Logs contained incorrect information and appeared to duplicate the Quarterly Quality Control Review Report required by the MOU. Specific issues included: the log referenced supervisor field logs that Stormwater did not actually use; the log referred to an incorrect search code; and the log indicated that signed authorization forms for all users were verified quarterly, even though the POC could not locate those forms when requested.
in: BCC: Stormwater DAVID Contract Attestation – Date March 24, 2020 - lowpolicyCCC · FY 2020
Documented verification frequency inconsistent with actual staff practice
The Deposit Will Verification procedure specified that verification was to occur weekly, every Friday. However, teammates interviewed stated that verification occurred within two to three days of receiving and entering the will into Clericus, and no one indicated they verified only on Fridays. The disconnect between the documented frequency and actual practice meant the written procedure did not accurately reflect or govern the workflow.
in: CCC: 2020-05 Deposit Will Audit – Dated September 17, 2020