Sam Houston State University
A Follow-Up Audit Report on Management Controls at Sam Houston State University
October 1998
Report Number 99-006
Overall Conclusion
Sam Houston State University (University) has taken a number of actions to address the recommendations in An Audit Report on Management Controls at Sam Houston State University (SAO Report Number 97-044, March 1997). Although the previous report identified control weaknesses in several areas, management has implemented or is in the process of implementing many of the report's recommendations. Twenty-two of the 37 (60 percent) recommendations reviewed have been resolved. However, some recommendations related to monitoring investment performance, human resources, and information systems remain unresolved. As a result of the University's progress, there is additional assurance that management controls are adequate to ensure resources are spent appropriately.
Key Facts and Findings
The University implemented most of the recommendations related to improving its internal audit function. In February 1998, the University hired a new Director of Internal Audit who has developed a comprehensive approach to evaluating University operations.
The University will not fully implement certain recommendations until the next fiscal year. The University has redesigned its performance appraisal system, but certain procedures will not be phased in until fiscal year 1999. We commend management's efforts to address the issues noted in the previous report; however, management should continue its commitment to implementing all the corrective actions.
The University has not implemented some specific recommendations that could potentially have a significant impact on its operations. These include:
Set appropriate benchmarks to evaluate the performance of the University's $49 million investment portfolio.
Continue to improve planning for human resources staffing and monitoring. Adequately planning for human resources is critical since related expenditures totaled $43.6 million in fiscal year 1997.
Test disaster recovery plans to ensure information systems can be restored in case of disaster.
Contact the SAO about this report.
Download the PDF version of this report. (.pdf)
HTML Equivalent (utilizing Adobe's PDF Conversion by Simple Form).