Internal Audit Reports

The Central Florida Expressway Authority internal auditor periodically reviews different aspects of the agency’s day-to-day operations and makes recommendations to the Audit Committee and the CFX Governing Board.

See audit reports approved by the Audit Committee below.

Fiscal Year 2021 Audit Reports

Date Document Title File Format
Apr 2021 Toll Revenue Audit PDF
Apr 2021 Crisis Management Business Continuity PDF
Apr 2021 Prior Audit Recommendations Follow-Up PDF
Jan 2021 FY21 DHSMV Data Security Audit Report PDF
Jan 2021 FY21 DAVID Data Security Audit Report PDF
Jan 2021 PCI Assessment with Report on Compliance PDF
Jan 2021 Ethics Policy Compliance Review PDF
Oct 2020 Fiscal 2020 Public Records Review Report PDF
Oct 2020 Prior Audit Recommendations Semi Annual Follow Up PDF
Oct 2020 Procurement and Contract Billing Audit Report PDF

Fiscal Year 2020 Audit Reports

Date Document Title File Format
May 2020 RPA and Automation Review PDF
May 2020 COSO ERM Governance Review PDF
May 2020 Retail Transponder Sales Review PDF
Mar 2020 P-Card and Gas Card Audit PDF
Mar 2020 Marketing and Social Media Audit PDF
Feb 2020 PCI Assessment with Report on Compliance PDF
Feb 2020 Source Code Review – Summary PDF
Jan 2020 Prior Audit Recommendations Semi-Annual Follow-Up PDF
Jan 2020 Procurement and Contract Billing Audit Report PDF
Jan 2020 DHSMV Data Security Assessment PDF
Jan 2020 DAVID Data Security Assessment PDF
Jun 2019 IT Project Management Review PDF
Jun 2019 LENS Access Control Review PDF
Oct 2019 Prior Audit Recommendations – Semi-Annual Follow-Up PDF

Fiscal Year 2019 Audit Reports

Date Document Title File Format
Apr 2019 Customer Contact Center Performance Assessment PDF
Apr 2019 Prior Audit Recommendations Follow-Up PDF
Apr 2019 DAVID Data Security Assessment PDF
Apr 2019 Cybersecurity Incident Response Review PDF
Jan 2018 PCI Assessment- January 2019 PDF
Jan 2018 DHSMV Data Security Assessment- November 2018 PDF
Jan 2018 Procurement and Contract Billing Audits- January 2019 PDF
Oct 2018 Prior Audit Recommendations Follow-Up- September 2018 PDF
Oct 2018 Penetration Test Report Summary 2018 PDF
Oct 2018 Physical Security Assessment Report Summary 2018 PDF
Oct 2018 Internal Audit Plan PDF

Fiscal Year 2018 Audit Reports

Information Security Risk Assessment Phase IIExempt

Date Document Title File Format
Jun 2018 Ethics Policy Compliance Audit PDF
Jun 2018 Tolling System Replacement Review Phase III Vulnerability Scanning PDF
Jun 2018 IT General Controls Review PDF
Jun 2018 Pay By Plate Audit (Toll Violations & Wekiva Parkway Cashless Toll Revenue) PDF
Feb 2018 Prior Audit Recommendations Follow-Up January 2018 PDF
Feb 2018 Procurement and Contract Billing Audits January 2018 PDF
Feb 2018 Safety and Maintenance Policies and Procedures Compliance Audit PDF
Feb 2018 TRAILS Program Review February 2018 PDF
Feb 2018 DHSMV Data Security Assessment December 2017 PDF
Feb 2018 PCI Assessment with Report on Compliance December 2017 PDF
Sep 2017 Prior Audit Recommendations Follow-Up- August 2017 PDF
Sep 2017 Information Security Risk Assessment Phase II EXEMPT

Fiscal Year 2017 Audit Reports

Date Document Title File Format
Aug 2016 Prior Audit Recommendations Follow-Up- August 2016 PDF
Nov 2016 Public Records Review PDF
Nov 2016 DHSMV Data Security Assessment PDF
Jan 2017 Prior Audit Recommendations: Semi-Annual Follow-Up- January 2017 PDF
Jan 2017 Procurement and Contract Billing Audit PDF
Jan 2017 Call Center Staffing Model Development PDF
Jan 2017 Vendor Security Review PDF
Aug 2016 Purchasing Spend Data Audit PDF
Apr 2017 Accounting System Access and SOD Review PDF
Apr 2017 Human Resources Process Review PDF
Apr 2017 Business Continuity Management Review – 2017 PDF
Apr 2017 Information Security Risk Assessment Phase I PDF
Apr 2017 Change Management – Tolling System Replacement Audit PDF
Apr 2017 Customer Service Center Performance Assessment PDF
Apr 2017 Discount-Rebate Program Audit PDF
Apr 2017 Internal Audit Plan PDF

Fiscal Year 2017 Audit Reports

Date Document Title File Format
Jan 2016 Prior Audit Recommendations Follow-Up – January 2016 PDF
Jan 2016 ROW Counsel Procurement and Invoice Audit PDF
Jan 2016 2016 Contracts Audit PDF
Sep 2015 Prior Audit Recommendations Follow-Up – September 2015 PDF
Jan 2016 Bond Financing Review PDF
Jan 2016 DHSMV Data Security Assessment PDF
Sep 2015 Payment Card Industry (PCI) Assessment PDF
Sep 2015 2013 COSO Framework Governance Review PDF
Sep 2015 ITS Systems Security Review Exempt
Sep 2015 PCI 3.0 Gap Assessment Exempt

Fiscal Year 2015 Audit Reports

Date Document Title File Format
Sep 2014 Prior Audit Recommendations Follow-Up PDF
Sep 2014 Sensitive Data Audit Report Exempt
May 2015 Back Office Customer Call Center Review PDF
Sep 2014 Business Impact Analysis Report Exempt
May 2015 Prior Audit Recommendations Follow-Up PDF
Sep 2014 PCI Report on Compliance Exempt
Mar 2015 DHSMV Data Security Assessment Exempt
Mar 2015 Prior Audit Recommendations Follow-Up PDF
May 2015 Ethics Policy Compliance Review- June 2015 PDF

Fiscal Year 2014 Audit Reports

Document Title File Format
Contracts Audit PDF
2014 OOCEA Maintenance and Safety Compliance Audit Report PDF
Prior Audit Recommendations Follow-up – January 2014 PDF

Reports & Policies

< Go Back

Statistical Reports
Traffic & Earnings Reports
Internal Audit Reports
Inspection Reports
Statistical Reports
Traffic Data & Statistics
Finance Policies
Agency Policies

Central Florida Expressway Authority

CFX Headquarters
4974 ORL Tower Road
Orlando, FL 32807

Phone: (407) 690-5000
Fax: (407) 690-5011
Email: info@CFXway.com

Public Records Requests

Records Management Department
Phone: (407) 690-5000
Email: PublicRecords@CFXway.com*

*Under Florida law, e-mail addresses are public records. If you do not want your e-mail address released in response to a public records request, do not send electronic mail to this entity. Instead, contact this office by phone or in writing.

Back to Top of Page