NEWBURGH – An audit of the Newburgh Enlarged City School District’s financial condition and information technology security has offered recommendations on how to improve both.

The audit said appropriations were overestimated resulting in an operating surplus of $18.8 million in 2015-16 and that reserves were not used as intended and were overfunded by $7.3 million as of June 30, 2016.

Examiners found the district exceeded the four percent surplus limit set by Albany. The actual percentage was seven percent.

Among the recommendations made by the comptroller’s auditors were to adopt budgets with reasonably estimated appropriations and to use excess fund balance and reserves to benefit district residents in accordance with statutory requirements and too review all reserves and determine whether the balances are necessary, reasonable and compliant with statutory requirements.

The audit also said the IT director did not adequately monitor the electronic devices inventory resulting in items not being recorded and sensitive IT control weaknesses were communicated confidentially to district officials.

The report said 18 outdoor cameras were purchased in 2016 at a cost of $39,890 but were not recorded in inventory. Seven of those cameras, valued at over $20,000, were found in storage and not being used.

In September 2015, the district entered a three-year lease agreement with a computer vendor for 300 tablet computers and made the first payment of $123,540 in January 2016.

None of those devices were included in the district inventory records. Payments continue to be made, but they are not properly tracked, the audit said. “Without inventory records and periodic inventory verification the district has an increased risk that these items will be lost or stolen,” the report said.

Auditors also found the district did not have adequate procedures to safeguard against viruses or spyware from entering the computer system. “Employees visited social networking websites, viewed personal email, visited education, business and financial websites and shopping, real estate, travel, video and audio streaming and other entertainment websites using district IT assets,” the report said.

It also said there were “several instances” of potential exposure of confidential district information including email servers and user names, email addresses, and student information. “We also found a relatively large amount of advertising control that may indicate a spyware infection on one of these computers.”

The audit said the IT director should ensure all electronic and digital equipment are inventories and that only devices needed by the district are purchased, and that all leased computer tablets should be located and added to the inventory.

It also said personal district information should be protected and “not improperly disclosed via district web applications.”

Superintendent Dr. Roberto Padilla responded to the audit in writing criticizing “the harsh tone of the report given the fact that a budget is an estimate of revenues and expenditures that may vary from year to year in terms of actual expenditure, with school districts being restricted to a going forward unassigned fund balance of just four percent by law, while your office recommends a multiple of that for other municipalities as being fiscally prudent where the law is silent in that regard.”

Padilla said the actual unassigned fund balance was maintained within the four percent limit. “It is easy to evaluate a budget at the end of the budget cycle. It is far harder to estimate a budget with a number of undetermined variables.”