This document is an HTML formatted version of a printed document. The printed document may contain agency comments, charts, photographs, appendices, footnotes and page numbers which may not be reproduced in this electronic version. If you require a printed version of this document contact the United States Securities and Exchange Commission, Office of Inspector General, Mail Stop 11-7, 450 Fifth Street N.W., Washington, D.C. 20549 or call (202) 942-4460.
BOSTON DISTRICT OFFICE
Audit No. 370
Limited Audit of Financial and Administrative Controls
The Office of Inspector General conducted a limited audit of selected financial and administrative controls in the Commission's District office in Boston, MA (BDO). The audit procedures were limited to interviewing BDO staff, reviewing supporting documentation, and conducting limited tests of transactions. The purpose of the audit was to provide the Commission with negative assurance concerning these controls.1 We performed our audit from March to April 2003, in accordance with generally accepted government auditing standards.
The Boston District Office assists the Northeast Regional Office in administering Commission programs in Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, New Jersey, New York, Pennsylvania, Rhode Island, Vermont, Virginia, West Virginia, New Hampshire, and the District of Columbia. In carrying out its responsibilities, the BDO exercises a broad range of financial and administrative functions, including maintaining time and attendance records; procuring supplies and services; arranging for staff travel; maintaining an inventory of property; and recording budgeted and actual expenditures of the office.
During the limited audit described above, no material weaknesses in the BDO's financial and administrative controls came to our attention.
We informally discussed a number of non-material findings and recommendations with BDO management, including the finding below. Management generally concurred with the findings and agreed to implement the recommendations.
PROTECTING NON-PUBLIC INFORMATION AND EQUIPMENT
The BDO is located on the sixth floor of a commercial office building. Physical access to the BDO suite is obtained by swiping a passcard through a monitor.
Within the suite, most offices and rooms, including the file room, mail room and supply room, do not have locks and are left open at night and on weekends. Although the suite entrance is protected from public access, door locks would provide additional protection to the BDO's non-public information (such as case files), mail and supplies.
Case files containing non-public information were stored in unsecured boxes in the BDO suite area. Reminding BDO staff to safeguard non-public information appears appropriate.
The BDO should install door locks as appropriate and remind its staff to safeguard non-public information in common areas.
1 Negative assurance means that no material internal control weaknesses came to our attention during our limited audit.