Department of Fish and Game Examination of Annual Internal Control Questionnaire
July 9, 2015 · Read the full official report (PDF) ↗
source
“DFG’s 2014 ICQ had inaccurate responses on the subjects of its internal control systems, internal control plan (ICP), risk assessment, and capital-asset inventory.”
Read the plain-English breakdown
This is a limited state audit of whether the Department of Fish and Game accurately filled out its annual internal-control questionnaire for fiscal year 2014.
“This report details the audit objectives, scope, methodology, findings, and recommendations for the audit period, July 1, 2013 through June 30, 2014.”
The audit checked whether selected answers DFG gave to the state comptroller were accurate and backed up by records.
“The objective of our audit was to determine whether certain responses provided by DFG to OSC in its fiscal year 2014 ICQ were accurate.”
Internal controls are the basic safeguards that help a state agency follow rules, manage money and assets, and reduce risk.
“Without establishing an ICP in accordance with OSC guidelines, DFG may not be able to achieve its mission and objectives effectively; efficiently; and in compliance with applicable laws, rules, and regulations.”
For residents, the practical issue is whether public assets and public programs are being tracked and protected properly.
“Finally, without performing and documenting an annual physical inventory, DFG is not ensuring that its capital assets are properly safeguarded against loss, theft, or misuse and that its inventory records are complete and accurate.”
The auditor did not say DFG lost money or assets; the main finding was that DFG’s paperwork and support for its internal controls did not match what it reported.
“Some of the information that the Department of Fish and Game (DFG) reported in its Internal Control Questionnaire (ICQ) to the Office of the State Comptroller (OSC) for fiscal year 2014 was inaccurate or not supported by documentation.”
DFG was told to fix the identified problems, follow comptroller requirements, and ask the comptroller for help if needed.
“DFG should take the measures necessary to address the issues we identified during our audit and should ensure that it adheres to all of OSC’s requirements for developing an ICP and accurately reporting information about its ICP, risk assessment, annual physical inventory, and department representations on its ICQ.”
The audit matters because the comptroller and outside auditors rely on these questionnaire answers to judge whether the state’s controls are adequate.
“The purpose of the ICQ is to provide an indication of the effectiveness of the Commonwealth’s internal controls.”
ICQ means the yearly questionnaire agencies complete about internal controls. ICP means the agency’s internal control plan. OSC is the Office of the State Comptroller. A risk assessment is a documented look at what could go wrong, including fraud.
“In the Representations section of the questionnaire, the department head, chief fiscal officer, and internal control officer confirm that the information entered in the questionnaire is accurate and approved.”
What the Auditor checked
- Did not comply In its 2014 ICQ, did DFG give accurate responses in the following areas? internal control plan (ICP)
- Did not comply In its 2014 ICQ, did DFG give accurate responses in the following areas? capital-asset inventory, for both generally accepted accounting principles (GAAP) and non-GAAP assets
- Complied In its 2014 ICQ, did DFG give accurate responses in the following areas? personally identifiable information
- Complied In its 2014 ICQ, did DFG give accurate responses in the following areas? audits and findings (reporting variances, losses, shortages, or thefts of funds or property immediately to OSA; see Appendix A)
What the Auditor found
Why it matters: Inaccurate ICQ information prevents OSC from assessing DFG's internal controls effectively, and lack of documented inventory increases risk that capital assets are not safeguarded or accurately recorded.
Standard: OSC internal control guidelines, OSC ICQ instructions, COSO enterprise risk management framework, OSC fixed asset inventory policies, and Chapter 647 of the Acts of 1989. ( Chapter 11, Section 12, of the Massachusetts General Laws; Chapter 647 of the Acts of 1989; OSC’s Accounting and Management Policy and Fixed Asset Acquisition Policy )
2 recommendations
- DFG should address the audit issues and follow OSC requirements for developing an internal control plan and accurately reporting ICQ information.agency: agreed
- DFG should request OSC guidance if necessary.agency: agreed
Agency response & Auditor reply
Agency: "Finally, consistent with the State Auditor’s recommendations . . . DFG intends to take the measures necessary to address the issues identified by the State Auditor during the DFG audit and to request guidance from the Office of the State Comptroller (OSC), if needed."
Auditor: "We believe that DFG’s intention to implement our recommendation concerning this matter is responsive to our concerns."