Geneseo Central School District - Online Banking (2019M-172) | Office of the New York State Comptroller

Issued Date

December 13, 2019

[read complete report - pdf]

Audit Objective

Determine whether District officials ensured online banking transactions were appropriate and secure.

Key Findings

District officials did not:

Follow the Board’s online banking policy or develop procedures to adequately segregate online banking duties.
Ensure that authorized access to online bank accounts was limited.
Provide information technology (IT) security awareness training to employees.

In addition, sensitive IT control weaknesses were communicated confidentially to District officials.

Key Recommendations

Enforce the online banking policy and develop procedures to adequately segregate online banking duties.
Designate one computer to be used strictly for online banking transactions.
Ensure that officials and employees receive adequate IT security awareness training.

District officials agreed with our recommendations and indicated they have begun to initiate corrective action.

Background

The Geneseo Central School District (District) serves the Towns of Geneseo, Groveland, Sparta and West Sparta, all in Livingston County.

The District is governed by a Board of Education (Board), which is composed of seven elected members.

The Business Administrator is responsible for reviewing and authorizing online banking transactions. The District Treasurer (Treasurer) initiates bank and wire transfers using online banking, and the payroll clerk initiates online banking payroll transactions. The District uses network resources to perform online banking transactions. The Technology Coordinator is responsible for managing the network’s security and the data it contains.

Quick Facts
Employees	350
Enrollment	850
2019-20 Appropriations	$21.2 Million
Bank Balance as of July 31, 2019	$5.8 Million

Audit Period

July 1, 2017 – August 6, 2019