FOR IMMEDIATE RELEASE:

December 21, 2018

Contact: Sen. Cowles: (608) 266-0484 / Rep. Kerkman: (888) 529-0061

State Financial Audit Identifies Continuing Concerns with IT Security

MADISON– Today, the nonpartisan Legislative Audit Bureau (LAB) released its financial audit of the State of Wisconsin’s fiscal year (FY) 2017-18 financial statements (report 18-20). The Department of Administration (DOA) prepares the State’s Comprehensive Annual Financial Report (CAFR) in accordance with generally accepted accounting principles (GAAP). LAB provided unmodified opinions on the State’s FY 2017-18 financial statements presented in the CAFR. An unmodified audit opinion is provided when audit evidence supports the conclusion that the financial statements provide a fair view of an entity’s financial activity in accordance with GAAP.

LAB identified ten deficiencies in internal control over financial reporting, two of which, when combined, were considered to be a material weakness in internal control. The material weakness related to the reporting of capital assets by the Department of Transportation (DOT). LAB previously had identified deficiencies in DOT’s internal control over financial reporting during the FY 2016-17 audit (report 18-3). In report 18-20, LAB also reported significant deficiencies in certain financial reporting processes at DOA, the Office of the Commissioner of Insurance, and the Department of Health Services (DHS).

LAB continued to identify several significant deficiencies related to weaknesses in information technology (IT) security policies, procedures, and controls, including those related to STAR, which is the State’s enterprise resource planning system. LAB recommends that DOA and other state agencies make improvements to address these deficiencies. Given that it first reported its concerns about overall security policies and standards to DOA in FY 2014-15, LAB recommends DOA report its progress addressing continued IT security findings to the Joint Legislative Audit Committee by March 29, 2019.

“Maintaining oversight of our IT systems’ security is of the upmost importance to the state. Several of these findings are ongoing concerns that still need to be addressed from prior audits. It is my hope that state agencies will implement the LAB recommendations quickly and put these IT security issues behind us. I look forward to their responses in March,” said Senator Robert Cowles (R-Green Bay).

“Although the state has made improvements, we still need to be vigilant in our oversight of financial reporting, said Rep. Samantha Kerkman (R-Salem Lakes). “The transparency supplied by the audit is a crucial component in addressing the challenges identified especially those related to information technology. I join Co-Chair Cowles in looking forward to receiving follow-up communications from the Department of Administration in March.”

In addition, LAB noted other concerns, including certain deficiencies in DHS’s internal control in administering federal awards that resulted in significant delays in receipt of federal reimbursement. LAB also indicated DOA was noncompliant with statute when it did not deposit proceeds from the sale of certain property into the bond security and redemption fund in order to repay principal and interest on the debt.

Copies of report 18-20 may be obtained from LAB’s website at www.legis.wisconsin.gov/lab or by calling (608) 266-2818. Report concerns related to state government activities to LAB by calling the toll-free hotline at 1‑877‑FRAUD‑17.

###

 

 

Mailing Address: P.O. Box 7882, Madison, WI 53707-7882; Office: 118 South, State Capitol

Office: (608) 266-0484; District: (920) 448-5092Email: Sen.Cowles@legis.wisconsin.gov