The latest biennial audit report released by Illinois Auditor General Frank Mautino found that the Illinois State Police did not properly manage equipment inventory, could not reconcile their accounting records, and may have lost confidential information contained on missing computers. The audit concluded that misstatements in ISP’s accounts were “both material and pervasive.”
The findings of inadequate inventory control were the most extensive. Sixty missing items were computers and other storage devices that may have contained confidential information, but there is no record of the data they contained. The auditors found a $1.7 million discrepancy between equipment and data processing expenditures entered on two different state government forms. Auditors were unable to reconcile property control documents, with more than $4 million in “unknown activity” in 2022 and more than $5 million in 2021.
In the 2022 inventory, there were 719 missing items worth $1.5 million, and in 2021 the inventory reported 1,413 missing items worth nearly $2.5 million. The Auditor General found that ISP does not have a policy for identifying equipment considered subject to theft, a finding that has been repeated since 2002. According to the auditor’s report, ISP “indicated the policies and directives had not been updated due to a lack of resources available to complete the task.”
Auditors reviewed payroll records for 12 employees who had been separated during the audit period and found that one remained on the payroll for 14 pay periods after termination, resulting in an overpayment of $37,116.
FOID cards and Concealed Carry applications and renewals suffered delays in processing, and ISP was unable to document that more than $8 million in fees were deposited in the correct funds.
ISP responded to the findings within the body of the report. It said that it takes the loss of property seriously, especially when it contains confidential information. It has taken measures to ensure adequate encryption of data on all devices.
ISP spokesperson Melaney Arnold told Illinois Times in an email that several audit findings can be attributed to the previous Public Safety Shared Services Center, which performed personnel, procurement and financial process duties for state agencies. The PSSSC was created in 2006 to standardize administrative functions so that state agencies could “share management knowledge and capitalize on synergies and economies of scale.” Arnold wrote that trained employees from ISP were transferred to PSSSC, limiting ISP’s ability to perform tasks criticized in the audit.
According to Arnold, in 2019 those administrative tasks were returned to ISP from PSSSC, but not all the staff were returned. She wrote that, “ISP has been working to rebuild the department since 2019, but faces many of the same hiring challenges faced by entities nationwide.” She said that poor record keeping by PSSSC “created a number of longstanding challenges that are not easily or quickly fixed.”
The Department of Innovation and Technology was created in 2018 and is responsible for the information technology functions of executive agencies like ISP, and some of those functions overlap with inventory control and accounting. Arnold says that ISP is working with DoIT to address system errors that “did not manifest themselves overnight and are not easily reversed” and that the department is implementing corrective action plans to address the audit findings. In its response to the auditor’s report, ISP cited those system errors as the root cause for problems in the Fiscal Year 2022 report, and those system errors have been resolved. ISP also blamed the long processing times for FOID and Concealed Carry paperwork on staff shortages, which it has addressed by hiring more staff.
Annual appropriations to ISP have increased from $658.3 million to $733.4 million over the past four years, but personnel shortages persist, according to ISP. Nowhere in its response to the audit does ISP commit to any deadline for remedying the deficiencies identified other than the system errors cited above, nor does the Auditor General impose any.
According to the Auditor General administrative manager, Jim Dahlquist, the Auditor General recommends actions to be taken in the event of adverse findings but does not have the authority to impose requirements on state agencies to implement those recommendations. Instead, their opinions are intended to help the legislature when “considering general improvements in governmental operations.” That is, without legislative action, remediation of issues identified in audits rely upon voluntary action by the audited agency.
The full report can be found at http://www.auditor.illinois.gov/Audit-Reports/Compliance-Agency-List/ISP/FY22-ISP-Comp-Full.pdf
Don Howard is an intern at Illinois Times while completing his master’s degree in Public Affairs Reporting at University of Illinois Springfield. He can be reached at dhoward@illinoistimes.com or 336-455-6966.
This article appears in Freshman class.
