AUDIT SUMMARY

 

We audited the Virginia Information Technologies Agency’s (VITA) contract management, contract payment, centralized information technology security audit service, and right-to-use asset accounting business cycles for the fiscal year ended June 30, 2024.  We found:

 

• • proper recording and reporting of right-to-use assets, in all material respects, in the Commonwealth’s lease accounting system and the Department of Accounts’ (Accounts) Internal Service Fund Attachment, after adjustment for the misstatements noted in the finding “Improve Controls Over Identifying, Tracking, Recording, and Reporting Right-to-Use Assets;” 

 

• • three prior audit matters involving internal control and its operation necessary to bring to management’s attention, one of which is considered a material weakness, where corrective action is ongoing as shown in the Findings Summary included in the Appendix; and

 

• • two instances of noncompliance with applicable laws and regulations or other matters that are required to be reported.

 

This report also includes an appendix of Risk Alerts applicable to multiple agencies that require the action and cooperation of VITA.  Our separate audit report for each agency includes the details of each risk that we identified.

 

In the section titled “Internal Control and Compliance Findings and Recommendations” we have included our assessment of the conditions and causes resulting in the internal control and compliance findings identified through our audits as well as recommendations for addressing those findings.  Our assessment does not remove management’s responsibility to perform a thorough assessment of the conditions and causes of the findings and develop and appropriately implement adequate corrective actions to resolve the findings as required by Accounts in Topic 10205 – Agency Response to APA Audit of the Commonwealth Accounting Policies and Procedures Manual.  Those corrective actions may include additional items beyond our recommendation.

 

VITA is one of several entities cited in a risk alert in Accounts fiscal year 2024 audit report.  The “Financial Reporting” risk alert identifies the increased risk that the Commonwealth may not meet the deadline for the Annual Comprehensive Financial Report, which could jeopardize the Commonwealth’s bond rating, because multiple entities have increasingly submitted inaccurate and late financial information to Accounts over the past several fiscal years.  As an entity that is contributing to this increased risk for the Commonwealth, VITA’s corrective action to correct the issues in the finding “Improve Controls Over Identifying, Tracking, Recording, and Reporting Right-to-Use Assets” is essential to reducing the risk to the Commonwealth.