AP NEWS

Cuyahoga County auditor critical of IT Department that is focus of corruption probe

August 2, 2018

Cuyahoga County auditor critical of IT Department that is focus of corruption probe

CLEVELAND, Ohio - A draft audit report on Cuyahoga County’s troubled IT Department raises questions about the authority and oversight of the department’s general counsel, Emily McNeeley, who is a focus of an ongoing corruption investigation.

Internal Auditor Cory Swaisgood suggests that the general counsel, whom he doesn’t name, had been given too much authority and was not adequately supervised by the county Law Department despite assurances to the contrary by county Law Director Robert Triozzi.

Swaisgood also suggests the county seek to recover $119,782 in payments to OneCommunity, a high-speed internet provider, for services that could not adequately be reconciled during the audit. Scot Rourke, the county’s IT director, is OneCommunity’s former chief executive.

Rourke also is a focus of the corruption probe by the County Prosecutor’s Office, and has been placed on leave along with McNeeley.

A draft copy of the audit was leaked Thursday to cleveland.com after the administration of County Executive Armond Budish tried for weeks to keep the document secret by claiming it was not a public record – an assertion disputed by an expert on Ohio’s public records laws.

Here are some of Swaisgood’s findings:

The IT Department lacked adequate segregation of duties, which resulted in McNeeley performing legal reviews and approvals of contracts while also serving on the department’s leadership team.McNeeley had access to perform – and at times did perform - multiple functions: requesting a procurement, giving departmental approval for the procurement, obtaining documents from vendors, and giving legal approval of the same procurement.Swaisgood suggested that the legal review of contracts should be independent from the department requesting the contract in order to reduce the risk of procurement fraud. The deputy chief information officer and McNeeley made the decision to go live with a new version of the OnBase data management system in July of 2017 against the desires of the director of Office and Procurement and Diversity, resulting in flawed performance.  While Triozzi reported that his department supervised McNeeley’s work, Swaisgood obtained no evidence that the Law Department adequately supervised McNeeley and noted McNeeley was categorized as an IT employee and paid out of IT’s budget.Nearly half of the IT Department contracts, purchase orders and other deals reviewed for the audit – 47 of 96 – were awarded without competitive bidding and Swaisgood found no evidence that efforts were made to identify other possible vendors. The deals were worth more than $3.6 million. Swaisgood noted that competitive bidding ensures that taxpayers get the best value and reduces the risk of fraud. The user ID of a terminated employee from the Office of Budget and Management was used 25 times to perform requited OBM approvals of more than $27 million in ontracts. In one case, the user ID was used 120 days after the employee’s termination date. The audit report notes that a new version of the software prevents terminated employees from gaining access.The IT Department set effective dates on 29 contracts and other deals totaling more than $6 million before the deals were approved.The IT Department failed to obtain all required review authorizations on 30  contracts or other deals totaling more than $27 million.Required review authorizations were made on 62 contracts or other deals totaling more than $31 million after the deals already had been approved.Swaisgood could not properly analyze data in the OnBase system because it did not have the capacity to generate adequate reports. A technical advisory committee established in 2012 to advise whether IT purchases and contracts comply with county standards has not been operating in compliance with state open meetings law.

Swaisgood began the audit as a matter of routine review of county operation. He expanded the scope in light of the corruption investigation. The audit includes a review of procurement practices, contract-related transactions and various controls to make sure systems are working as intended. 

Budish released the following statement after his office was informed that a copy of the draft audit had been leaked to cleveland.com.

“We appreciate the good work of the Internal Auditor. With the exception of issues relating to two employees (who are subject to a separate investigation), the legacy weaknesses identified in systems of IT and procurement have generally existed for many years. The timing of this audit is particularly helpful, as it enables us to improve our processes at the same time we are beginning to implement a new, integrated, system-wide computer program (ERP). As can be seen from the management responses, we are adopting almost all of the recommendations made in the audit. The integration of process improvements into the new ERP system should make us much more efficient and save money in future years.

The auditor’s process is to draft a report, get and incorporate management responses, and then send it to the audit committee for consideration, possible changes, approval and release. At this time, the auditor has not yet had a chance to incorporate management responses or provide a draft to the audit committee. Management responses are important because they show that almost all of the changes recommended by the auditor have already been made or are being made. Accordingly, we are attaching draft management responses, although the Auditor has not yet had a chance to review and include them.”

Cleveland.com will update this post later today with responses from Budish and his administration.

AP RADIO
Update hourly