OIG Risk Assessment of the Department's Purchase Card Program for Fiscal Year 2013

Published by the Department of Education, Office of Inspector General on 2015-02-10.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                                          OFFICE OF INSPECTOR GENERAL

                                                                                                                AUDIT SERVICES

February 10, 2015

TO:              Thomas P. Skelly
                 Delegated to Perform the Functions and Duties of the Chief Financial Officer
                 Office of the Chief Financial Officer

FROM:            Patrick J. Howard /s/
                 Assistant Inspector General for Audit

SUBJECT:         Completion of OIG Risk Assessment of the Department’s Purchase Card Program
                 for Fiscal Year 2013
                 Control Number ED-OIG/S19O0005

The purpose of this memorandum is to inform you of the results of the Office of Inspector
General’s (OIG) risk assessment of the Department of Education’s (Department) purchase card
program, as required by the Government Charge Card Abuse Prevention Act of 2012 (Charge
Card Act). The Charge Card Act requires Inspectors General (IGs) to conduct periodic risk
assessments of their agency’s purchase card program to identify and analyze the risks of illegal,
improper, or erroneous purchases and payments. IGs will use these risk assessments to
determine the necessary scope, frequency, and number of IG audits or reviews of the program.

In order to assess the risk of illegal, improper, and erroneous purchases made through the
Department’s purchase card program, we reviewed the Department’s policies and procedures
in conjunction with purchase card internal control requirements identified in the Charge Card
Act and related Office of Management and Budget (OMB) guidance, 1 determined whether
corrective actions resulting from prior audits of the Department’s purchase card program have
been implemented, examined documentation from the Department’s purchase card monitoring
efforts, and reviewed data on disciplinary action taken by the Department resulting from
purchase card misuse. Additionally, we contacted OIG Investigations and Hotline staff regarding
information on purchase card misuse and reviewed the OIG Data Analytics System (ODAS)2 to
identify and assess high-risk categories of potentially inappropriate purchases.

 OMB Memo M-13-21 and OMB Circular A-123, Appendix B
 ODAS includes a download provided by the charge card vendor of all Department purchase card transactions for
a given fiscal year.
                                400 MARYLAND AVENUE, S.W., WASHINGTON, DC 20202-1510

                Promoting the efficiency, effectiveness, and integrity of the Department’s programs and operations.
Page 2 – Thomas Skelly

Based on our review, we determined that the purchase card program does not pose a high risk
to the Department and an audit of the program is not necessary. However we did identify a few
areas where the Department could strengthen its controls over the purchase card program.

Although we found that the Department generally has policies and procedures in place that
address the applicable purchase card internal control requirements, we noted that the
Department can help ensure that all required safeguards and internal controls are in place by
completing the compliance summary matrix found in the U.S. General Services Administration
(GSA) Smart Bulletin No. 021. The bulletin instructs agencies to use the compliance summary
matrix to compare existing internal controls within their purchase card programs to the
requirements in the matrix to document the operational effectiveness of the agency’s current
control activities.

We also found that the Department’s Contracts and Acquisition Management group (CAM)
within the Office of the Chief Financial Officer (OCFO) does not utilize all potential resources
when reporting data on disciplinary actions. CAM reports data on disciplinary actions taken to
OMB each quarter based on inquiries it makes to each principal office. CAM does not contact
the Department’s Human Capital and Client Services group (HCCS) for any data it maintains on
disciplinary actions.

As a result of the items noted above, we are providing the following suggestions to OCFO to
assist in strengthening the purchase card program:

       •   Complete the compliance summary matrix found in GSA Smart Bulletin No. 021, and
           ensure internal controls are documented and implemented that address the internal
           control requirements in the Charge Card Act and related OMB guidance.
       •   Coordinate with HCCS regarding the required reporting of data to OMB on
           disciplinary actions.

No response to this memorandum is necessary. We appreciate the cooperation given us during
this review. If you have any questions, please call Michele Weaver-Dugan at (202) 245-6941.

James Hairfield, Acting Director, CAM/OCFO