This document is an HTML formatted version of a printed document. The printed document may contain agency comments, charts, photographs, appendices, footnotes and page numbers which may not be reproduced in this electronic version. If you require a printed version of this document contact the United States Securities and Exchange Commission, Office of Inspector General, Mail Stop 11-7, 450 Fifth Street N.W., Washington, D.C. 20549 or call (202) 942-4460.
Semiannual Report to Congress
During this reporting period (October 1, 1996 to March 31, 1997) the Office of Inspector General (Office) of the Securities and Exchange Commission issued nine audit reports and two audit memoranda. In addition, the Office issued two investigative reports on management issues.
Program audits were completed of the effectiveness of the Commissionís integrity program; insurance products regulation; economic analysis program; enforcement surveillance of markets; the Office of Filings and Information Services; and the local area network. In addition, the Office completed financial or administrative audits of space utilization; a contract for ADP services; and the Atlanta District Office.
Fifteen investigations were closed during the period. Five cases were referred to the Commission; three were also referred to the Department of Justice (which declined prosecution). The staff member involved in one of the investigations resigned from the Commission; another received a written reprimand.
Although the Commission has made many improvements in controls over the collection of filings fees, the overall control structure remains inadequate. This condition will remain until a new fee system, which is currently in procurement, is implemented. In addition, although the Commission has contracted with a contractor to recommend improvements in the information technology area, information resources management continues to be a significant problem. Specifically, systems development contracting, information resources management planning, and ADP security remain problem areas.
The Commission successfully tested its disaster recovery plans for its Electronic Data Gathering, Analysis and Retrieval (EDGAR) system. With the completion of the testing, its contingency backup recovery procedures for EDGAR are now operational.
The Office issued nine audit reports and two audit memoranda during the reporting period. It also issued two investigative reports on management issues. A total of one hundred and nineteen recommendations were made in these reports, which are further described below. Management generally concurred with the recommendations.
The Office of Insurance Products (OIP) is responsible for the regulation of variable insurance products under the Investment Company Act of 1940. The Office consists of 13 staff and is part of the Division of Investment Management. The primary objective of the audit was to evaluate the efficiency and effectiveness of the Office of Insurance Products.
Variable insurance products, which include variable annuities and variable life insurance, differ from traditional "fixed dollar" insurance contracts in the way in which benefits are funded. Premium payments are held in a "separate account" that provides the contract owner with a variety of investment options. The benefits ultimately realized by the contract owner depend on the investment performance of the separate account. Sales of variable annuities and life insurance have grown significantly in the past few years.
We found that in general the Office of Insurance Products does a satisfactory job of regulating variable insurance. However, delays in performing certain tasks suggest that OIP needs to improve the management of its workload to assure the timely completion of its work.
Our recommendations to improve the effectiveness and efficiency of the Office of Insurance Products included: preparing a plan to reduce their backlog of filings; detailing staff from other parts of the Division to reduce and prevent backlogs; considering sampling or excluding certain filings to better manage workload; encouraging more requests for selective review; developing improved guidance for reviewers; determining whether Name Relationship Search Index System searches should be conducted when reviewing new registrations; and reviewing its recordkeeping policies.
The Division of Investment Management generally concurred with the recommendations presented in the report.
The SEC Office Automation (SECOA) computer network links all Commission staff, providing electronic mail, word processing, spreadsheets, and mainframe and external access, among other capabilities. SECOA has approximately fifty file servers (computers dedicated to network operations) running a network operating system called Netware.
The Communications and Systems Support Office in the Office of Information Technology (OIT) has primary responsibility for managing and operating the network. Other Commission staff and contractors provide assistance.
Our objective was to determine whether the SECOA network was effectively managed and operated. We considered the following issues: configuration management, application management, network security, network availability and performance, and administrative management.
During the audit, we interviewed Commission staff; observed conditions in headquarters, the Operations Center, and three regional offices; reviewed available documentation; and tested management controls.
We found that the SECOA network was generally managed and operated effectively. The Office of Information Technology has recently taken steps to improve the network's infrastructure, and further improvements are planned, including a change in operating system.
With client server initiatives being introduced, the Commission will rely even more on the network, increasing risk. We made several recommendations to help ensure the network's continued effective operation.
The Offices of Information Technology, Administrative and Personnel Management, and the General Counsel provided written comments on a draft of this report. Generally, they concurred with our findings and recommendations.
The Office of Filings & Information Services (OFIS) is responsible for the receipt and initial handling of all public documents filed at the Commissionís headquarters office. It determines whether the documents are acceptable; extracts data from them for entry into automated systems; calculates filing fees; performs cursory and substantive examinations of filings; and prepares correspondence to filers.
OFIS is also responsible for the Commissionís records management program; for authenticating documents produced for administrative or judicial proceedings; and for providing filer support services. In addition, OFIS manages the Commissionís public reference facilities, which provide public access to filings (in addition to the electronic dissemination through EDGAR).
The objective of our survey was to gather information about OFIS to assist in audit planning. We also sought to determine whether controls in that office were adequate.
We reviewed available documentation and interviewed staff in OFIS, the divisions of Corporation Finance and Market Regulation, the Office of Information Technology, and the National Association of Securities Dealers. We tested management controls by selecting a judgment sample from case files and reports of various form types.
Controls in the Office of Filings and Information Services are generally adequate, and OFIS has recently made changes to improve its operations. We made several recommendations for further improvements, including updating OFISís procedures for broker-dealer withdrawal applications; updating issuersí changes in fiscal years (filed on Form 8-K) for several entities; and improving the accuracy of OFISís internal database used to track open investigation files.
OFIS generally concurred with our findings and recommendations. In addition, the Division of Market Regulation suggested several editorial revisions to the draft report.
The Office of Market Surveillance in the Division of Enforcement is an important source of intelligence information for the Commissionís Enforcement program. It obtains information through referrals from Self-Regulatory Organizations (SROs), which have primary responsibility for surveillance of their markets, and through its own surveillance, including reviews of filings and trading data (for example, from blue sheets and external data bases).
When the Office receives or identifies information on suspicious trading patterns (insider trading or market manipulation), it conducts additional analysis. If warranted, based on materiality and other considerations, the Office refers the matter internally within the Division of Enforcement or to the appropriate regional office.
The objective of the audit was to evaluate the effectiveness of Enforcementís market surveillance activities.
We interviewed current and former Commission staff, and visited the New York Stock Exchange and the Chicago Board Options Exchange, and Commission regional offices in New York and Chicago. We also sent a questionnaire to regional contacts for the Office of Market Surveillance and interviewed the Chairman of the Intermarket Surveillance Group. Finally, we reviewed available documentation, observed conditions in the market surveillance room, and tested the accuracy and timeliness of referral data in Commission tracking systems.
We found that given its limited staff and analytical resources, Enforcementís Office of Market Surveillance is generally effective in its market surveillance activities. SRO referrals are generally distributed on a timely basis, and the Office provides quality investigative support services, based on our interviews. It coordinates well with the Intermarket Surveillance Group, and the SRO referral tracking system (the SRO Case Referral Listing) appears accurate and complete.
In August 1991, the Commission signed a fifteen year lease with two five years options for the Operations Center in Alexandria, Virginia. The lease provided for 81,313 net usable square feet (NUSF) of space, of which 60,587 was classified as office space, 18,574 as data center space, and 2,152 as other (e.g., warehouse) space. In January 1994, the Commission acquired an additional 11,836 NUSF, and in July 1996, another 21,329 NUSF. The cost of the lease for 1996 was $1,815,566. The cost does not include utilities and guard costs.
In August 1993, the Commission signed a fifteen year lease for the Annex building. The lease provided for 18,000 NUSF, of which 3,000 was classified as office space and 15,000 as other space. The leasing cost for fiscal year 1996 was $219,717. The cost does not include utilities and guard costs of approximately $130,500.
Our objective was to evaluate whether the Commissionís space at the Operations Center and Annex building could be better utilized, thereby increasing leasing effectiveness or reducing costs. Our analysis was based on conditions as of May 1996, except we adjusted it, where possible, to reflect the acquisition of additional space at the Operations Center in July 1996. We also considered, as appropriate, storage use at headquarters and a leased warehouse facility in Southeast Washington, D.C.
During the audit, we interviewed Commission staff; performed analytical procedures; reviewed building floor plans, leases, and other documentation; and toured the buildings.
Our audit initially found that the Commission had excess space at the Operations Center and Annex building, for several reasons. These included budget and staffing uncertainties, and the configuration of the Operations Center, which was not designed as a government building.
In July 1996, the Commission acquired additional space in the Operations Center. It moved 99 staff from OAPM, the Comptrollerís Office and the Freedom of Information Act Office into this space and other Operations Center space in November 1996.
As part of that move, OAPM is improving space utilization in the Operations Center (e.g., by reducing the number of staff with private offices and enhancing the use of conference rooms and the training areas). A total of 17 staff from the Office of Information Technology have moved to a modular layout (formerly, many had private offices of approximately 150 square feet). Plans are underway to extend this effort throughout the Operations Center.
We had several additional short and long term recommendations to further improve the Commissionís use of leased space, or reduce leasing costs.
We evaluated the Commissionís integrity program (i.e., the ethics program and personnelís staff conduct program) through sixteen workshops involving approximately eight percent of Commission employees. A recognized internal audit methodology (Control Self Assessment or CSA) was used to systematically collect information from staff and managers on how successfully the Commission achieves its integrity objectives.
Composite ratings by the participating staff and managers indicated that all supporting objectives were generally being implemented, although some obstacles are impairing full implementation. We believe that, taken as a whole, the Commission is achieving its primary objective to promote high individual and agency integrity.
Perhaps the most noteworthy finding was that, with almost no exceptions, the participants indicated that they felt a personal sense of responsibility for maintaining the integrity of the Commission. This is both critical and necessary for the primary integrity objective to be realized. Most of the participants also felt a strong sense of an ethical tradition at the Commission and that the staff live up to the Commissionís integrity expectations. Workshop participants overwhelmingly reported that integrity is a high priority at, and an integral value of, the Commission. There were also no material control weaknesses identified by any participant during the workshops. It is evident from all available evidence that Commission employees place a high premium on ethical integrity.
The participants in the workshops expressed a desire for better communication of policies from management; more frequent ethics training; readily accessible and understandable material concerning ethics and conduct issues; selective, responsive, and well-trained ethics advisors; and enhanced accountability for misconduct. The Office of Inspector General generally endorsed these recommendations and made additional recommendations in the report.
A discussion of the CSA methodology as a part of the Officeís Strategic Plan is included below in the section entitled "Other Matters." A more complete description of the CSA audit methodology used in the audit is attached as Appendix A.
The Office of Economic Analysis (OEA) was created several years ago from the merger of the Chief Economistís Office and the Directorate of Economic and Policy Analysis (DEPA). A number of former DEPA staff subsequently left OEA.
Currently, the office has a staff of approximately 20, and is managed by the Chief Economist and Deputy Chief Economist (an Associate Chief Economist position was recently approved). Most of the staff are economists or in related fields. The office also has three secretaries and one Administrative Officer. Four staff are college professors appointed to a one to two year term under the Intergovernmental Personnel Act program.
Our objectives were to gather information on the economic analysis program and to identify possible risks and improvements to the program. During the survey, we interviewed Office of Economic Analysis and other Commission staff and reviewed OEA work products and files. We did not attempt to evaluate the quality, timeliness, and usefulness of OEA work, nor did we test management controls.
Based on our interviews, management significantly improved the economic analysis program starting in July 1995. The improvements have continued under current management, and the Office of Economic Analysis is now functioning effectively.
OEAís biggest challenge is to instill a culture as a service provider, while retaining its ability to provide independent advice to the Commission. It also needs to attract and retain highly qualified management and staff.
We made some recommendations to help OEA continue enhancing its effectiveness, with which OEA concurred.
Under a task order with the Office of Inspector General, Tichenor & Associates, an independent CPA firm, audited $2.3 million of incurred costs claimed by Universal Hi-Tech Development, Inc. (UHD) under contract SECHQ1-91-D-0186. The audit was to determine whether UHD complied with certain provisions of the contract related to allowability and allocability of costs, and whether all claimed costs were allowable and allocable under the contract. The audit included testing of costs and compliance with certain provisions of the contract for the period August 5, 1991 through December 31, 1995, the performance period of the contract.
Except for $11,088 of questioned costs, the audit disclosed that UHD generally complied with the provisions of the contract related to allowability and allocability of costs, and that all incurred costs claimed were allowable and allocable under the contract. UHD and Commission management did not concur with the $11,088 of questioned costs, although UHD concurred with several recommendations regarding its internal controls.
The Atlanta District Office (ADO) is headed by a District Administrator and divided into offices headed by Assistant District Administrators (Enforcement and Regulation). In turn, the offices are divided into branches (enforcement, broker-dealer and transfer agent examinations, investment company/investment adviser examinations, and reorganization).
The ADO Administrative Officer is responsible for most day-to-day administrative matters. His duties include time and attendance, travel, personnel, purchasing, and budgeting and accounting.
We reviewed administrative and financial controls of the Atlanta District Office. Our objective was to determine whether the ADOís controls were adequate, were being implemented economically and efficiently, and were in compliance with Commission policies and procedures.
The audit steps included interviews with administrative and financial staff and tests of controls. Because of time and resource constraints, the scope of testing was more limited than it would have otherwise been.
The audit found that ADO controls were generally functioning adequately. We recommended that the ADO improve controls over the transportation subsidy program; improve physical security over the imprest fund; correct several errors in its accounting records; separate the functions of authorizing and approving overtime authorizations; and provide the Administrative Officer with adjustments to travel vouchers. Generally, the ADO agreed with our findings and recommendations.
While conducting interviews on other matters, we became aware that compliance with EDGAR system requirements is incomplete, in contrast to Commission pronouncements. In particular, a significant number of filings, mandated for electronic filing, are still being accepted in paper.
This audit memorandum addressed the issues involved. It also made a recommendation that the Commission review the matter and issue clarifying guidance to the staff and the industry.
This memorandum summarized the results of a January 23, 1997 meeting between staff of the Office of Administrative and Personnel Management, the Office of Inspector General, and the Commissionís security guard contractor. The memorandum recommended improvements to crime scene procedures, including securing crime scenes when appropriate; prompt notification to the Office of Inspector General of crimes; guard training; and written procedures on crime scenes.
Two investigative reports on management issues were issued during the period. These reports are public and do not contain allegations, evidence, or names of subjects, but rather focus exclusively on corrective actions needed to strengthen controls. More traditional referral reports to management, Justice, etc. are also issued, as appropriate.
Contract Security Violations
We investigated allegations of contract security violations by a Commission contractor. The investigation disclosed that the contractor violated the contract by allowing non-public Commission materials to be left in non-secure locations. The violations were referred to Commission management, which required the contractor to take corrective action.
Controls over Certain Examiner Activities
While conducting an investigation of the conduct of an examiner, we identified a need for improved controls over certain activities by examiners. We recommended that examiners who conduct examination work alone should prepare brief written reports, and that all managers with knowledge of an employeeís performance should have an opportunity to provide input on that performance to the employeeís supervisors. Management concurred with the recommendations, and indicated that it is planning other improvements to its management controls.
Fifteen investigations were closed during the period. Five matters investigated by the Office were referred to the Commission; three cases were also referred to the Department of Justice (which declined prosecution). At the close of the period, four investigations were pending. These investigations included allegations of false statements, destroying evidence, contract irregularities, and unauthorized outside employment.
The staff member involved in one closed investigation resigned from the Commission; another received a written reprimand. Two investigative reports on management issues were issued (see prior section). The most significant cases are described below.
We investigated allegations of misconduct by a Commission staff attorney in an enforcement investigation. The allegations included an alleged personal vendetta against the subject of the investigation, an alleged breach of an agreement not to contact investors, alleged improper statements to investors, alleged harassment of witnesses, alleged lies to an associate of the subject, and alleged confidentiality violations. The evidence developed in the investigation did not support any of the allegations.
In our last report, we described an investigation which developed evidence that a Commission staff member had inflated travel expenses for reimbursement over an extended period of time. Since then, the employee resigned and the Commission has recovered over $10,000 in excess travel claims. The United States Attorney declined prosecution.
A thorough investigation was conducted into an allegation that a broker-dealer had paid off a Commission staff attorney in order to induce the staff attorney to commence investigations of certain companies in which the broker-dealer held short positions. The evidence developed during the investigation did not support the allegations.
An investigation developed evidence that a Commission staff member had claimed inflated travel expenses for reimbursement over an extended period of time. The investigation also developed evidence that the staff member failed to perform assigned duties while on travel status. The staff member resigned before administrative action could be taken. The United States Attorney declined prosecution.
A Commission manager was alleged to have had a conflict of interest with respect to a Commission contractor. The evidence developed during the investigation did not support the allegations; in fact, substantial contrary evidence was obtained.
An investigation developed evidence that a Commission employee had negotiated future employment with a contractor while the employee performed work on the contract. We also obtained evidence that the employee made false statements regarding this conduct. Management issued a written reprimand to the employee. The United States Attorney declined prosecution.
No new significant problems were identified, based on work completed during the period.
Our prior audit of the collection of filing fees confirmed the Commissionís previous assessment that the management controls were not in material conformance with accounting standards. Although Commission management has made significant progress in correcting the most serious weaknesses, some corrective actions must await the implementation of a new computerized collection system. Until these corrective actions are implemented, the overall control structure will continue to fail to provide adequate assurance that accountability over filing fees is adequate.
Audit and investigative work in a prior reporting period identified significant weaknesses in the Commissionís implementation of information technology. These weaknesses related to contracting for systems development, information resources planning, and ADP security.
The Office of Information Technology has taken numerous, positive steps to address these and other problems, and further steps are planned. For example, the Commission has contracted with a contractor to recommend improvements in the information technology area. In addition, a senior ADP committee is being established, and ADP guidance will be issued in phases. We will continue to monitor the Commissionís actions to address these weaknesses.
The Commission successfully tested its disaster recovery plans for the Electronic Data Gathering, Analysis and Retrieval (EDGAR) system during this reporting period. Consequently, we no longer consider EDGAR disaster recovery to be a significant problem.
The Office of Inspector General has received access to all information required to carry out its activities. No reports to the Chairman, concerning refusal of such information, were made during the period.
Staff from the National Credit Union Administration performed a peer review of the Office during this reporting period. The peer review team found that the Office met all applicable generally accepted government auditing standards.
The Office actively participates in the activities of the Executive Council on Integrity and Efficiency (ECIE). The Inspector General attends ECIE meetings and is an active member of its Financial Institutions Regulatory Committee.
The Counsel and Associate Counsel to the Inspector General are members of the Presidentís Council on Integrity and Efficiency, Council of Counsels. The Council considers legal issues relevant to the Inspector General community.
In our Five-year Strategic Plan for calendar years 1996-2000 we indicated that:
The Office expects to experiment with a new workproduct during the period of the plan -- "Control Self Assessments" (CSA). CSA is a new audit procedure, developed by industry, which employs teams of auditors, employees, and managers working together to access the adequacy of controls and identify opportunities for improvement. In structured workshops, teams determine an organization's effectiveness in achieving operational, financial, and legal compliance objectives. This procedure would allow the organization being evaluated to align its vision, goals, and objectives; improve communications; and increase employee understanding of and focus on Commission objectives. CSA reports and recommendations would be tracked by the Commission's audit followup procedures.
In addition to more traditional formal controls, CSA also focuses on informal controls such as integrity, ethical values, employee competence, communications, and management philosophy. These informal controls are critical to Commission operations but are not effectively addressed by traditional audit techniques.
If the pilot efforts are successful, we expect that CSA reports will complement (not replace) the other audit workproducts. By offering a variety of evaluation services to management, the Office intends to remain a cost-effective resource in improving Commission operations.
During this period the Office successfully completed its first CSA audit (see the description of Audit 250 above) of the Commissionís integrity program. We believe the result of the audit was superior to what could have been achieved using any traditional audit methodology. Moreover, many management officials and some of the staff that participated in the workshops commended the CSA audit process and the outcome of the audit. A more complete description of the methodology used is attached to this report as Appendix A.
The Office has completed the field work on a CSA audit of the Commissionís Compliance Inspection and Examination program. It has also started a CSA audit of the comment letter process with respect to the Commissionís review of disclosure filings. We are currently in the process of obtaining additional CSA resources and are planning to use the methodology for improved risk assessments of Commission programs, as well as audits.
Number (in thousands)
Management decisions have been made on all audit reports issued before the commencement of this reporting period (October 1, 1996).
No management decisions were revised during the period.
The Office of Inspector General agrees with all significant management decisions regarding audit recommendations, including "Funds Put to Better Use" and "Questioned Costs."
The Control Self Assessment (CSA) methodology used in Audit 250 ("Enhancing Excellence") consists of four primary tasks: identify management objectives, convene workshops to discuss and rate each objective, evaluate the workshop data, and prepare an audit report.
At the beginning of the audit, the audit staff worked closely with management to develop concise objectives for the conduct and ethics programs. Examples of possible objectives were initially discussed in several joint meetings of management and auditors.
The objectives selected for evaluation were those that management thought were both important and for which evaluation data would be useful. For example, although financial disclosure is important, the Office of Government Ethics had recently conducted a compliance audit of the matter and so it was not selected. Management revised their objectives further based on experience gained in the pilot workshop, which consisted of staff from the ethics and staff conduct programs.
The primary integrity objective developed by management was:
Nine supporting objectives were also developed that reflect the activities that make achievement of the primary objective more likely.
CONDUCT OF MANAGERS - Ensure that the behavior of executives and managers reflects the SECís integrity values and principles and that they acknowledge their critical role in reinforcing these values with their subordinates.
ORGANIZATIONAL CLIMATE - Foster an organizational climate that promotes high standards of ethical behavior.
SENSITIVITY TO UNINTENDED CONSEQUENCES - Promote staff objectivity in their official interactions with the private sector to prevent unfair impact on persons outside the Commission.
LINK INTEGRITY TO PERSONNEL DECISIONS - Ensure that managers consider employeesí ethical behavior when deciding on their performance ratings, awards, promotions, selection to supervisory positions, or other personnel actions to reward behavior that furthers SEC integrity.
FAIR NOTICE OF CONDUCT PARAMETERS - Provide staff with fair notice of the parameters of acceptable and prohibited behaviors, along with information on the consequences of non-compliance.
DISCIPLINARY PROCESS - Deal with staff misconduct in a fair, consistent, and timely manner.
STAFF COUNSELING - Provide employees with an opportunity to obtain authoritative answers to ethics and integrity questions in order to enable them to make ethical decisions.
INTEGRITY TRAINING - Promote staff awareness and commitment to integrity.
INTERNAL MANAGEMENT CONTROLS - Administer effective financial, administrative, and program controls to deter misconduct.
Once the objectives were finalized, sixteen workshops were convened by Office personnel. The workshops were set up to be roughly representative of staff allocation within the Commission. For example, because about one-third of Commission staff work in the regions, five of the workshops were conducted with regional staff.
For logistical reasons, division and office heads were asked to select staff to participate in the workshops based on criteria provided by the Office (e.g., a professional working in the regulation program, must have worked at the Commission at least one year). They were also asked to select staff to be as representative as possible, after the auditorís selection criteria were met. Each workshop was designed to be homogeneous with respect to management, professional, or support staff so that comparisons could later be made. The workshop participants were also exclusively either headquarters or regional staff or managers.
Prior to the workshops, each participant received a handbook which described what was expected and encouraged them to think about the management objectives in advance.
Each workshop began with a 30 - 45 minute presentation on the work of the Office. A 10 minute video was then presented, in which management introduced the workshop and provided background information. The workshops took from 4 to 6 hours to complete.
Two flip charts were used to summarize and record the strengths and weaknesses identified by participants for each objective. Participant recommendations were also solicited and recorded. Prior to the workshops, the auditors developed sets of questions that related to each objective. The questions gave structure to the discussions and facilitated the conduct of the workshops.
At the end of the discussion on each objective, participants were asked to use 4x6 inch cards to anonymously rate how well the management objective was achieved using a scale of 1 to 7. The cards were passed down to one of the participants who read them out loud. Each anonymous rating was recorded on the flipchart. Another participant simultaneously calculated an average rating using a calculator. This rating procedure was then repeated to rate how important (or desirable) the participants thought the objective was. Two ratings (i.e., actual and desired) were collected for each of the objectives.
After each workshop, the auditors typed the summary successes, obstacles, and recommendations from the flipcharts to a formatted word-processing document (one page per objective). Participants were asked to review the worksheets from their workshop and verify its accuracy.
The anonymous assessment ratings of the workshop participants were keyed into Statistical System Analysis (SAS) software for analysis. Comparative results from SAS were transferred to Excel software for graphical presentation. Several comparisons (e.g., how well ratings aligned) were performed. These included analysis of:
The detailed graphs from the Excel software were shared and discussed with program management.
All of the successes, obstacles, and recommendations (comments) from the workshop participants were recorded on worksheets and subsequently verified by the participants. Seventy-five "resulting issues" were identified by the audit staff by reading through all of the comments. Each success, obstacle, and recommendation was then coded and electronically transferred to a "resulting issue worksheet." This brought all comments about a particular issue together in one document and facilitated discussion and evaluation of the issues. Each comment retained a cross-reference code to its original workshop so that the context of the comment could be obtained, if required.
The seventy-five resulting issue worksheets were reviewed by both management and the auditors. Several meetings were held to discuss the issues and identify what actions could be taken to enhance the integrity program. These analyses were the basis for the audit report.
Although the scope of the audit was Commission-wide, the workshops also provided information with respect to individual organizational units. The worksheets (which did not associate individuals with their comments or ratings) were shared with the management of those units. Although many of the issues raised were outside of the scope of the audit, management indicated that they found the information extremely useful and had taken corrective actions in many instances. This information is also being used in the Officeís risk assessments, used to select future audit topics.
Although the Office drafted the audit report, discussions with management and their written comments were used to prepare it. This departure from the traditional comment process provided input at an earlier stage in the writing process. It also gave management a better understanding of the audit results, since they also analyzed the resulting issue worksheets.
Management ideas, expressed during the discussions preceding the preparation of the audit report, exceeded the expectations of the Office. We believe that the content of the final report is superior to what it would have been if only comments on the report itself were received from management. We estimate that the process took about the same amount of time as the traditional comment approach.