The AMAS staff has a lot of University experience and we'll do our best to give you good advice.  If you have any questions you would like to ask the Syracuse University Auditors, please feel free to email us at: amas@listserv.syr.edu   If you would like to contact a specific person in AMAS please refer to the Meet the Staff page.  The following are some recent topics we have been asked with our responses:

Q: What considerations should be taken to ensure that expenditures pertaining to business meals and entertainment are appropriate and properly documented?

A: The University’s Administrative Policy Manual states that “entertainment expenses, including meals and refreshments for guests or business contacts, are non-reimbursable unless deemed necessary for the attainment of the purposes of the trip and approved in writing by the department authorized signer. Most sponsors forbid charging entertainment costs to their projects under any circumstances.” All travel and entertainment expenses must meet the Internal Revenue Service “accountable plan” rules, whereby an employee may be reimbursed for certain travel expenses without incurring any tax liability, provided the following three conditions are satisfied:

• advances and reimbursements must be business expenses that are paid or incurred by the employee in connection with his or her services as an employee
• travelers must substantiate the amount, time, use and business purpose of each expense within a reasonable time after incurring the expense; and
• employees must return any advance amounts in excess of substantiated expenses within thirty days after completion of the trip.

So what level of documentation should be maintained in support of business meals and entertainment expenses? While University policy and IRS regulations require supporting receipts for expenditures over $75 when traveling, the policy also states that “substantiation of the business purpose and reasonableness of all expenses is required.” Additionally, the University’s Travel and Entertainment card reconciliation procedures require supporting receipts for all card charges, with business purpose and attendees indicated.

With those policy statements in mind, AMAS recommends that it is a best business practice to maintain supporting documentation for “all” expenses incurred for the purpose of business meals or other entertainment. The supporting documentation should clearly indicate the business purpose of the expense, those in attendance, and include an itemized receipt, not just the total or credit card portion of the receipt.

Q: Can you tell us the required retention period for administrative documents and records?

A: How long to retain accounting documents, transaction support, and other administrative records continues to be one of our most frequently asked questions. There is no one answer to those questions. For some documents, the University recommends shredding the documents upon verification that the data has been input to an on-line system. Documents such as policies or procedures should be retained until superseded. Some documents are required by regulatory statutes to be retained for a certain length of time, while other retention periods may be established by the University using other archival guidelines, with specific retention periods that may range up to 7 years. Records Management is the best resource on campus for record retention schedules and purge information, both of which can be found at: http://rm.syr.edu/retention.html.  Or call them at 443-8388 for any additional questions.

Q: I use a laptop computer to carry out my day-to-day job activities. How can I go about protecting the data that is stored on my laptop?

A: Many SU employees use laptop computers to carry out their day-to-day job activities. If you are one of these employees, don’t forget to periodically back up the data on your laptop to a network server. If your laptop stops working, you could possibly lose any data that had not been backed up. The ITS supported network servers are kept in a physically and logically secure environment, and are also backed up on a regular basis with some of the backups rotated to a secure offsite location. This should provide you with adequate backup protection for your data.

Backups made to removable media such as USB drives and CDs/DVDs should not be used, if possible, because of the potential for these to become lost or to fall into the hands of people that should not have access to the data. This is especially true if your laptop’s data is considered Confidential or Enterprise Data. You can read more about the classification of data in the Syracuse University Information Security Standard on the ITS website at: http://its.syr.edu/security/standards/ITSecurity-standard.pdf.

If the data on your laptop is considered Confidential or Enterprise Data, it should also be encrypted as outlined in the ITS Encryption Security Standard found at: http://its.syr.edu/security/standards/encryption-standard.pdf.

Encryption will help protect the data in the event your laptop is lost, stolen, or is accessed by an unauthorized person. One way to think of your laptop is that it is a temporary work area with the data not permanently saved until it is on the University’s network servers.

If you have any questions about backing up your laptop or the encryption of data, feel free to contact ITS Security at: itsecurity@listserv.syr.edu

Q: Our department has employees that would like to utilize department owned equipment off-premises for purposes related to University business. Are there any measures that need to be taken prior to allowing the use of University equipment off-premises?

A: The University’s administrative policies address the off-premise use of major equipment. Equipment purchased is considered "major" if the value is over $5,000 and has a useful life of more than 2 years. The use of major equipment off-premises requires proper authorization and documentation on an equipment authorization form available in the Office of the Comptroller.

Items that are valued at less than the threshold for capitalization of “major” equipment still may be of great value and importance to the department, and loss of such could interrupt operations and/or result in unplanned expense to replace. These include but are not limited to desk top computers and related equipment, laptops, cameras, video equipment, and tools. Departmental records should be maintained of all easily misappropriated equipment that is not capitalized, and periodic inventory should be taken to account for all items purchased and monitored. AMAS encourages departmental monitoring efforts to include an appropriate sign-out procedure for all departmental equipment that is to be utilized off-premises.

Q: Are there any precautions that should be taken when using wireless internet connections?

A: You need to keep in mind when using ANY wireless connection that this convenience often comes with a caveat. The process of sending and receiving data over an unsecured wireless signal is the equivalent of standing up and making a public announcement that anyone in proximity to you can hear. A few easy steps are all that need to be taken to avoid this “public announcement” scenario:

• Look for additional security software such as Virtual Private Networking or other encryption to secure your data.
• Be wary of fake “hot spots” (wireless access points) that look real; prepay for wireless in advance when traveling, and don’t connect to “ad hoc” or peer-to-peer wireless networks.
• If you aren’t sure whether or not the wireless network has high security, don’t transmit any sensitive material (via email, web, etc); it is better to be safe than sorry.
• If you have wireless internet at home, activate the security features on it to deter hackers and others from using your system for free; the product user guide will explain how.

A service called Air Orange is available free of charge to all SU faculty, staff, students, guests of the university and visitors. See the Information and Technology Services website at: http://its.syr.edu/connecting/wireless/ for more information on the SU wireless network.

Q: Is there a rule on how many days in a row an employee can work without a day off?

A: The New York State Labor Laws mandate that hourly employees receive one day of rest in seven, unless they explicitly waive this right in writing (a waiver form may be found on the HR website). Violating this provision of the labor law can subject an employer to fines, and repeated violations could result in more severe penalties. Therefore, you must be mindful of this law when scheduling hourly staff or when reviewing labor distribution reports that detail possible instances of non-compliance. As part of our continuous monitoring efforts of the Payroll process, AMAS can identify potential instances of violations; however these findings are after the fact. So be proactive and remember: if you are in charge of scheduling or reviewing payroll, be cognizant of the law and strive to ensure all hourly employees are provided one day of rest in seven. For questions/concerns related to New York Labor laws or the payroll process, contact Human Resources at extension 4042.