Professional Documents
Culture Documents
CAAT
CAAT
Auditor:
CASH HANDLING
CASH1
Perform Unscheduled Surprise Cash Counts of all house funds on the property on the first day of the audit.
Compliant
Not
Compliant
Did
Not
Test
Question Policy
Immediate- Current- Count all cash on property immediately.
CASH2
Verify that each bank is supported with a House Bank Contract signed by the associate. The House Bank
Contract should denote the specific bank number and amount issued.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current- Compare Cash Counts to Bank Contracts
CASH3
Verify that actual House Funds total ties to the General Ledger House Funds.
Total Ties
Total
Does Not
Tie
Did Not
Test
Question Policy
Current-Current- Compare total cash count to GL account 1000000
CASH4
Verify that the complete combination to the Main Vault is only known by the General Cashier, or person acting
as such.
Compliant
Not
Compliant
Did
Not
Test
Did
Not
Test
N/A
Question Policy
Current- Current- Survey Staff / Check last month's MPA for answer
CASH5
Yes
CASH5a
Ensure Armored Car log is complete and documented properly and that no pickups have been missed.
Compliant
5/5/2016 1:12:14 PM
No
Not
Compliant
N/A
1 33
Question Policy
Current- 5 Days- View Armored Car Log. Ensure there is a deposit listed for each day with no
gaps. Ensure Armored Car Log is complete with dates, amounts, and all appropriate
signatures for logging deposits and picking up.
CASH5b
Ensure that a complete and correct bank deposit is made every day, Monday through Friday, excluding
holidays.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 5 Days- Ensure there is a deposit listed for each day with no gaps. This may be a
manual deposit or through a SmartVantage Safe.
CASH5.5
Yes
CASH5.5a
Are all SafeVantage policies and procedures being followed as per SafeVantage SOPs?
Compliant
Ensure that a separate bank deposit is prepared for each business day.
Compliant Not
Did N/A
Compliant Not
Test
CASH6
No
Did Not
Test
Not Compliant
Question Policy
Prior Month- 5 Days- Deposit slips. Ensure no dates are combined. Only exception is a day
with a negative deposit/due back.
CASH7
Ensure that all deposits are reflected on the Drop/Deposit Log, along with the cashier's initials and those of a
witness, time & date, for each drop and includes the date, time and signature of the person removing the
deposits, as well as a witness.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -5 Days-View deposit log backup in Audit Packs. Must be complete with all items
filled out. For SafeVantage properties, a log should be printed of all deposits and grand total,
as well as backup from any Check Deposits from the scanner.
CASH8
Determine when the last deposit was picked up by the armored car service or deposited, and verify that
deposits not yet picked up/not deposited are on hand.
Compliant Non
Did N/A
Compliant Not
Test
Question Policy
Current- Current-View Armored Car Log. Ensure any deposits not yet picked up are fully
prepared and in the safe. Only deposits for business dates since the last pickup should be
on hand. All others should be already picked up. If not on Armored Car, all deposits should
be at the bank except prior day, or Friday/ Saturday/ Sunday if on a Monday.
5/5/2016 1:12:14 PM
2 33
CASH9
Determine that all deposits listed as in transit on prior month bank reconciliation cleared the bank during the
first week of the next month.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- All Deposits in Transit-View Bank Rec from prior month and acquire bank
statement from Staff Accountant MTD to ensure all deposits hit.
CASH10
Ensure that over/short variances are addressed and that proper documentation is placed in the personnel file
and signed by the associate.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month-5 Days-View Over/Short recorded for the prior month in M3. If there any amounts
requiring documentation, ask for copy of documentation.
CASH11
Ensure that deposit over/short variances match the Daily Report/Income Journal.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -5 Days-View Over/Short recorded in Income Journal/M3 for the prior month.
Compare to actual over/short in audit pack and PMS.
CASH12
Ensure that Change Orders are handled properly and according to policy.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current-Ask for copies of last 3 change order documents and show that deposits
were made to offset. Deposits should be made prior to, or immediately after change order
was received.
CASH13
Randomly select Petty Cash Batch Reports to review a sample of checks paid to reimburse Petty Cash.
Ensure that each item is approved by Department Head and supported with the appropriate documentation.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- 2 Petty Cash Batches-Review Petty Cash Batch documentation. Ensure that
department head approved each item and that there is proper documentation with valid
receipt and petty cash slip for each item. Recommend receipts are marked void to prevent
re-use.
CASH14
5/5/2016 1:12:14 PM
Compliant Not
Did N/A
Compliant Not
Test
3 33
Question Policy
Prior Month -2 Petty Cash Batches-Review Petty Cash Batches to ensure no items over $250.
Watch for split receipts.
CASH15
Verify that petty cash expenses do not include 1) items requiring reimbursement through expense reports, 2)
purchase of gift cards or other employee or vendor incentives, 3) purchases of liquor/beer/wine, without written
approval from the VP of Finance or VP Operations except in cases where local law prohibits such purchase,
4) split receipts to stay below required purchase order or Corporate approvals, 5)credit or debit card
reimbursements.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -2 Petty Cash Batches-Review Petty Cash Batches to ensure no unauthorized
items as listed.
CASH16
Verify that checks received are logged by an employee independent from the accounting function by reviewing
all incoming mail and intercepting all checks.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -5 Days-Review deposit information in Audit Packs for Check logs. Interview staff
to get procedures.
CASH17
Verify that the GM/Director of Accounting performs unannounced bank counts audits of all house / cashiers
banks assigned to the hotel associates at least once each month.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current Counts-Review most current full-property cash count. Should have excel
version as well as signed printed version. Signatures should be of individual counting and
witness.
CASH18
Does the Property have an ATM that is owned and serviced by the Property?
Yes
CASH18a
Ensure ATM Cassette refills are done accurately, with separation of duties, and are audited regularly.
Compliant
No
Not
Compliant
Did
Not
Test
Question Policy
Current- Current Cassette Fill-View Cassette fill procedures. Do surprise count on several
ATM Cassettes after witnessing process. How is process recorded and reconciled?
Comments:
5/5/2016 1:12:14 PM
4 33
ACCOUNTS RECEIVABLE
AR19
Yes
No
AR19a
Determine that Bad Debt Write Offs are recorded on the approved Write-Off Request form. Verify that
write-offs are supported by proper documentation, and that written approvals have been obtained where
required.
Compliant
Not
Compliant
Question Policy
Prior Month -5 / As Selected-Review GL from prior month and choose 5 amounts in the Bad
Debt GL Code 7073700000. Request all backup on items. Any items over $2500 should have
an approved form signed by VPO, etc.
AR20
All direct-billed guest ledger and house account balances are checked out to city ledger and billed
within 3 business days of check-out or event conclusion, except for those occurring on holidays and
weekends. (Alternative billing terms described in a properly approved contract supersede this
requirement. In no case can any direct bill account go more than one month without being billed).
Compliant
Not
Compliant
Question Policy
Current -5 / As Selected-Choose 5 AR accounts to select invoices. Have Accounting prove
that the folios were checked out within 3 days or as policy/contract dictates.
AR21
Ensure that all direct billing invoices have appropriate support documentation attached and are
properly aged.
Compliant
Not
Compliant
Question Policy
Current -5 / As Selected-Choose 5 accounts to select invoices. Have accounting prove that all
backup is present, including any folios, vouchers, statements, etc. and verify that the aging as
shown on the Aging Report is appropriate and matches the aging on the original invoice/folio.
AR22
Does the Property have any accounts over 30 days past due?
Yes
AR22a
Verify that appropriate collection efforts are being made on any accounts over 30 days past due.
Compliant
No
Not
Compliant
Question Policy
Current- 5 / As Selected-View AR Call Sheets, interview staff.
AR23
Does the Property have any accounts that are over 60 days past due?
5/5/2016 1:12:14 PM
Yes
No
5 33
AR23a
Verify that appropriate collection efforts are being made on accounts over 60 days and documented on
a Call Sheet.
Compliant
Not
Compliant
Compliant
Not
Compliant
Question Policy
Current -5 / As Selected-View AR Call Sheets, interview staff.
AR24
All direct bill clients must have properly approved Direct Bill Credit Applications on file.
Question Policy
Current- 5 / As Selected-Select 5 AR Accounts and request completed, approved DB apps.
Must have GM or DOA signature as approved.
AR25
Ensure all active direct bill client applications are current. For credit applications to be considered
current, they must be updated every 12 months.
Compliant
Not
Compliant
Question Policy
Current -5 / As Selected- Select 5 AR Accounts and request completed, approved DB apps.
Must be current.
AR26
Ensure that active direct bill client credit applications have had bank and hotel references checked by
the Credit Exchange and are properly documented. Reference checks should be updated upon each
renewal unless an exception has been granted.
Compliant
Not
Compliant
Question Policy
Current- 5 / As Selected- Select 5 AR Accounts and request completed, approved DB apps.
Must have references checked by Credit Exchange. Only exception is apps approved prior to
Atrium transition.
AR27
Ensure all active direct bill client applications have an established credit limit approved by the
GM/DOA.
Compliant
Not
Compliant
Question Policy
Current- 5 / As Selected-Review AR Aging - all should have a credit limit in the system. Also,
Select 5 AR Accounts and request completed, approved DB apps - should be written on the
application along with signature for approval.
AR28
Compliant
Not
Compliant
Question Policy
Current -Current-Review Aging Summary. Look for accounts for employees, people's names,
or anything that does not look like a legitimate company name. Gift Certificates should be in
Balance Sheet, not AR.
5/5/2016 1:12:14 PM
6 33
AR29
Ensure ROCI is completed and that each transaction has a copy of the credit posting showing the
credit card that was credited.
Compliant
Not
Compliant
Question Policy
Prior Month -10 / As Selected-View ROCI, request backup on 10 transactions. ASK FOR ROCI
FILE. Should be readily available in a file. They should not have to pull the folios. Must have
folio with credit showing last 4 of cc.
AR30
Ensure each ROCI transaction has a photocopy showing the original charge to the credit card that was
credited.
Compliant
Not
Compliant
Question Policy
Prior Month- 10 / As Selected-View ROCI, request backup on 10 transactions. Should be
readily available in a file. Must have folio with original charge showing last 4 of cc matching
credit cc.
AR31
Ensure that each ROCI transaction was approved by the Director of Accounting or General Manager.
Transactions posted by the Director of Accounting must be approved by the General Manager, by
signature on the final, full ROCI for the month.
Compliant
Not
Compliant
Not
Compliant
Question Policy
Prior Month- Full Log-View final prior month's ROCI for signature of GM.
AR32
Determine that Retrieval Requests/Chargebacks are resolved within the required time frame. Ensure
that all chargebacks have proper supporting documentation including timely submission of the
response.
Compliant
Question Policy
Current File- 5 Chargeback/Retrieval Requests-View Chargeback files. Review 5 to make
sure that documentation is attached with proof of response via fax or email, properly dated
prior to expiration date.
AR33
Compliant
Not
Compliant
Question Policy
Current File- 5 Chargebacks -View Chargeback files. Select 5 and have DOA prove posting in
PMS.
AR34
Verify that the Aging Summary Report is completed by the 5th day of the month for all accounts with
balances aged 60 days or more, to ensure that all recorded receivables have been evaluated and
remain collectible. Verify that the Summary Report agrees with the aged receivables total.
Compliant
Not
Compliant
Question Policy
Current -Current Report-View monthly recap of AR Summary reports received. Verify that it ties
5/5/2016 1:12:14 PM
7 33
to the corresponding dated Aging report. Interview staff to verify that all items are collectible.
AR35
Verify that accounts receivable adjustments and overpayments/refunds are properly applied and are
processed prior to the close of the period the transaction occurred in.
Compliant
Not
Compliant
Question Policy
Prior Month -Full Month- -View Aging Report. No credits should be present. Have DOA explain
any credits/overpayments and prove them out. What are they doing with the balance?
AR36
Compliant
Not
Compliant
Question Policy
3 Month Prior Open Balances- 3 / As Selected - View current Aging Report Detail, as well as
from EOM 3 months prior. Choose a paid balance on 3 accounts. Have DOA prove payment
was posted and applied accurately by showing copy of check and stub.
AR37
Ensure that the amounts on the PMS Ledger Balance report for the last day of the month agree to the
GL Ledger Balance totals for the most recent End of Month. (G/L 2000005, C/L 2000010, A/D
20000010)
All
No
1 Ledger 2
Did
Ledgers Ledgers Balances Ledgers Not
Balance Balance
Balance Test
Question Policy
Prior Month -Last Day of Month- View last EOM trial balance report from PMS. View GL
balances in M3. Compare for accuracy. (G/L 2000005, C/L 2000010, A/D 20000010)
AR38
Ensure that a Credit Meeting is in place, occurring at least once per month, and minutes are retained.
Compliant
Not
Compliant
Compliant
Not
Compliant
Question Policy
Current-Current -Request last credit meeting minutes.
AR39
Determine that the PMS Credit Limit Report is reviewed, initialed, and dated daily by the GM & Director
of Accounting. Ensure that issues are immediately addressed on Method of Payment, on all Guest
Ledgers and Group/Banquet Master Accounts.
Question Policy
Prior Week -5 Days - Review 5 audit packs to ensure the Credit Limit Report is being
reviewed, initialed and retained, ensure follow up occurs.
Comments:
5/5/2016 1:12:14 PM
8 33
ACCOUNTS PAYABLE
AP40
Verify that Manager's Check over $1,000.00 are issued only with VP Finance approval.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -One Week -Review 1 week of Managers Checks for dollar value of checks. (If 1
week is less than 5 checks, select a second week also)
AP41
Verify that Managers Checks are written only for valid purchases, and are filled out in their entirety (No blank, "cash",
or auto-fill).
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -One Week - Review 1 week of Managers Checks for validity of approved uses
and ensure checks are written in full. Watch for signatures in a different ink/hand writing.
AP42
Ensure that Managers Checks are sent to Atrium Corporate on a daily basis (or as written) with proper
documentation and vendor setup information if applicable.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -One Week - Review 1 weeks of Managers Checks - have DOA prove when sent
to Staff Accountant by providing copies of emails.
AP43
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - Review Vendor list. Ensure there are no employees, people's names, or
companies that do not appear legitimate. Also look for any vendors with duplicate/same
addresses.
AP44
Verify that Expense Reports are properly approved, supported, and include only bona fide business expenses.
5/5/2016 1:12:14 PM
Compliant Not
Did N/A
Compliant Not
Test
9 33
Question Policy
Prior Month -5 Expense Reports- - Review 5 Expense Reports for validity. All receipts
attached, notations made when necessary, no expenses over limits. Meals for more than one
person should include the names of guests in attendance.
AP45
Determine that Accounts Payable Invoices and Managers Checks are correctly and appropriately coded.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- 10 Invoices & 5 Mgrs Checks / As Selected- -Review 10 Invoices and 5
Managers Checks for coding reasonableness.
AP46
Verify that Accounts Payable batches are processed and sent to the Corporate Office no less than two times per
week.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month-One Week-
AP47
Verify that all purchase orders are approved by the General Manager.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -One Week Verify routing in BirchStreet. Have DOA prove routing by providing
screenshots or walk through of process.
AP48
Verify that purchase orders are completed prior to the purchase or ordering of any goods or services.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month-10 Invoices/ As Selected - Choose 10 invoices. Have property provide evidence of
completed, approved PO dated prior to order being placed. Must have been approved by final
approver prior to ordering.
AP49
Ensure that purchase orders are tracked and logged upon issuance and closed upon invoice receipt. PO's should
be appropriately handled when (a) rolled over to the following period or (b) partially cancelled through subsequent
unavailability of product.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Open PO Log-
5/5/2016 1:12:14 PM
10 33
AP50
Ensure that purchase orders are matched to the invoice for quantity and price and when applicable to bills of laden
and packing slips. (10% variance allowed). Any variance should be explained.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -10 Invoices / As Selected-
AP51
Ensure that open purchase orders are reviewed at month end to confirm that items are properly accrued for any
goods delivered or services performed for a particular month. Accruals should be supported with a copy of the
purchase order or open PO register from E-Procurement system.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month-Open PO/Accrual List - Have property provide prior month BirchStreet Open PO
list. Verify that accruals were done in M3 if products were received.
AP52
Verify award/loyalty point purchases and guest satisfaction resolutions charged on franchise statements are
reviewed and approved by the General Manager. Review recent month franchise statements/invoices.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - Review most recent franchise invoice for loyalty points. Compare to list of
current employees. Interview staff - does GM review/approve this invoice?
Comments:
TAXES
TAX53
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -10 Invoices/As Selected- Review 10 invoices that should have Use Tax accrued.
Verify that Use Tax was accrued properly.
TAX54
Verify that any consumed items with no original Sales or Use tax charged have been tracked and Use Tax accrued.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -10 Invoices/As Selected - Review EOM Food Cost Credits to ensure Use Tax is
5/5/2016 1:12:14 PM
11 33
TAX55
Verify that Sales Tax Exemption reports are prepared each month.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Full Report - Ensure prior month's Tax Exempt report was completed. Can be
spreadsheet or ProfitSage.
TAX56
Verify that the Exemption reports are properly supported with folios.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Full Report -Review prior month's Tax Exempt report. Choose 5 and ask for
backup. Look for folio.
TAX57
Verify that the reports are properly supported with valid tax exemption certificates or contracts.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Full Report -Review prior month's Tax Exempt report. Choose 5 and ask for
backup. Look for tax exempt certificate copy or contract proving exemption.
TAX58
Verify that Miscellaneous Revenues (Misc, Gift Shop, Bottled Water, Dry Cleaning, etc.) have appropriate Sales
Tax charged on goods and that any Store Rental tax is accounted for.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -One Week - Ask property for matrix of their tax rates and audit for accuracy. For 5
days, review postings in PMS for Misc, Gift Shop, etc. Ensure tax is posted or backed out
appropriately on Income Journal. If property has Store Rent, ensure monthly Store Rent has
same process.
Comments:
5/5/2016 1:12:14 PM
12 33
Ensure that the Monthly Program Assertion Form is completed for each End of Month.
Yes
No
Did
Not
Test
Yes
No
Did
Not
Test
Question Policy
Prior Month- Full Report - Review tracking form for receipt of last MPA.
EOM59a
Question Policy
Is the MPA Accurate?
EOM60
Verify that all End of Month documentation and Monthly reporting is completed accurately and received by Corporate Office by
due dates. (5 Being Most Accurate)
Question Policy
Prior Month- All Reporting - Interview Staff Accountant for accuracy and timeliness of EOM
reports as well as timeliness of receipt of AR Summary & MPA with Financial Analyst.
Comments:
REVENUE
REV61
Ensure that all rooms adjustments and allowances are routed for signatures with the Daily Review Cover
Sheet and F&B routed with the F&B Adjustment Daily Sheet.
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
Prior Week- 5 Days - Review 5 Audit Packs. Ensure all adjustments are routed daily for
signatures for rooms and F&B adjustments.
REV62
Determine that all adjustments & allowances are properly supported and are included in the Audit Pack.
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
5/5/2016 1:12:14 PM
13 33
Prior Week- 5 Days - Review 5 Audit Packs. Ensure all adjustments are routed daily for
signatures for rooms and F&B adjustments. Ensure all backup is present.
REV63
Ensure that the PMS Room Rate Variance/Rate Check Report is being reviewed and signed by the General
Manager on a daily basis and retained in the Audit Pack.
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
Prior Week-5 Days - Review 5 Audit Packs. Ensure Room Rate Variance/Rate Check Report
has been routed to and signed by GM.
REV64
Verify that Comp Rooms are properly logged and approved, by either the GM or Director of Sales.
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
Prior Week -5 Days - Review 5 Audit Packs for comp rooms logs. Ensure they were routed
and approved by GM or DOS.
REV65
Verify that all Comp Rooms are properly recorded to the correct Market Segment. Comps provided for Trade
Outs, Promotions, or Group Contracts should be coded to the appropriate Market Segment and not coded
to Comp.
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
Prior Week- 5 Days - With staff - have them look up 5 of the comps listed on the reports.
Review Market Segments for appropriateness based on the nature of the comp.
REV66
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
Prior Month -5 Days - Have Front Desk run NoShow report for 5 days from prior month. Have
them show you 5 reservations to ensure they were charged or legitimate reason for no
charge.
REV67
Yes
No
REV67a
Confirm each trade out is recorded on a Trade Out Agreement form, signed by a vendor representative and
the hotel General Manager, and approved in writing or electronically by VP Hotel Operations prior to the
trade out occurrence. Expiration dates should be noted and monitored. TOAs cannot extend for a period
longer than one year.
Compliant
Not
Compliant
Did Not
Test
Did Not
Test
Question Policy
Current-Current - Review Trade Out file for approved Trade Outs. Interview Staff regarding any
open Trade Outs.
5/5/2016 1:12:14 PM
14 33
REV68
Confirm a separate house or city ledger account was set up for each Trade Out program.
Compliant
Not
Compliant
Did Not
Test
Question Policy
Current- Current - Select 5 Trade Outs. Have staff pull accounts.
REV69
If any coupons, certificates, or vouchers are received by the hotel or issued under a TOA, these are cash
equivalents and must be controlled and tracked (secured, logged) properly. Secured means physically
secured in the main safe and logged means logged on an excel file with pertinent information such as
vendor name, reference to TOA, value, date issued, date redeemed, and who redeemed (if an associate
redeems a vendor coupon, payroll representative should be notified for tax purposes).
Compliant Not
Did N/A Compliant Not None
Test Received
Question Policy
Current -Current- Interview staff. Were any certificates, etc. received? If so, Where are
certificates?
REV70
Verify that the Daily Revenue Report/Income Journal is entered no later than 10am local time the following
day, or 5pm Monday for the previous Friday, Saturday, and Sunday.
Compliant
Not
Compliant
Did
Not
Test
N/A
Not
Compliant
Did
Not
Test
N/A
Question Policy
Prior Week- 5 Days - Select 5 days. Verify timestamp of upload/ posting in M3.
REV71
Verify that Franchise "free night" reporting and reimbursement procedure is correct for standard
reimbursement and for high occupancy. Verify that the reimbursement check was posted properly and
coded to Discount Transient revenue.
Compliant
Question Policy
Current- Current -Review Franchise Free Night A/R Account. Interview staff on procedure.
Nothing should be over 60 days.
REV72
Review Gift Certificate Logs to ensure policies are followed regarding issuance, redemption, and local
escheat laws.
Compliant
Not
Compliant
Did
Not
Test
N/A
Question Policy
Current -Current - Research local escheat laws. Review Gift Certificate Log for compliance.
Ensure Gift Certificates are not posted in AR. Should be on Balance Sheet.
Comments:
5/5/2016 1:12:14 PM
15 33
Ensure that every banquet event has a Catering Contract or BEO Contract (for function only or pop-up) on standard
form documenting the agreement and payment terms and incorporating contractual language fully describing the
rights and responsibilities of the Customer and the Hotel signed by both Hotel Management and the guest.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 10 Days -Review 10 days of Banquet Events. Select 5 to view Catering Contract or
BEO Contract. Must be signed.
S-C74
Ensure that every banquet event has a Banquet Event Order signed by the customer and hotel.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-Prior 10 Days- Review 10 days of Banquet Events. Select 5 to view BEO signed by
customer and hotel.
S-C75
Ensure that every banquet event has a Banquet Check documenting the actual F&B consumption that is
completed by a hotel associate and signed by the customer. Verify that the Banquet checks reconcile to the
Banquet Daily Recap.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Prior 10 Days - Review 10 days of Banquet Events. Select 5 to view Banquet Checks
documenting actual consumption. View Daily Banquet Recaps for those days and ensure
banquet checks reconcile.
S-C76
Any non-direct billed banquet or meeting functions must have a valid method of payment before the function
begins, prior to issuance of any room keys.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Prior 10 Days -Select 5 prior banquet functions. Have staff prove that payment was
received prior to event start. If cc- must have been approved.
S-C77
Yes
S-C77a
For properties with over 1000sq.ft. of meeting space, ensure that a documented BEO Meeting is occurring no
less than 3 times per week.
Compliant
5/5/2016 1:12:14 PM
No
Not
Compliant
Did
Not
Test
16 33
Question Policy
Current -Most Recent - Request most current 3 BEO meeting minutes or view schedule for
upcoming week's meetings.
S-C78
Ensure that every group for the next 10 days has a Group Resume on file that has been distributed.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 10 Days - View groups for next 10 days - request Group Resumes for 5
S-C79
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- Full Month- Interview Staff. Review GL account for Attrition 24350000.
S-C80
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - Review 10 bookings, look at contract. Sit with DOS and have them prove
out and verify netted revenue in sales system. Netted revenue should be at attrition point or
80% of revenue except for Government (50%) and Courtesy Blocks (10%). For Catering
should be at F&B minimum.
S-C81
Yes
S-C81a
Compliant
No
Not
Compliant
Did
Not
Test
Question Policy
Current -Current - On the Admin Screen, look up costs and see when they were updated last.
Should be within 12 months.
S-C82
Ensure that only current employees have access to Franchise and Third Party Vendor Systems.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - Request list of users with current access for Franchise system and any
Third Party Vendor Systems.
5/5/2016 1:12:14 PM
17 33
Comments:
PAYROLL
PAY83
Verify that Department Heads are signing off on their department on a Departmental Payroll Summary Report or
electronically to ensure all departmental payroll is accurate.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 2 Payperiods - View 2 Payroll Summary Reports or equivalent for signatures by
Department Heads. Managers should be signing off on all of their department's time and
punches. This may be done on paper or electronically.
PAY84
Ensure that proper documentation of the non-productive time taken is retained i.e. Vacation Request Form, ADP
request, etc. and approved by the GM.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 2 Payperiods -For 2 Payrolls, ensure there are approved requests for all Non
Productive Time.
PAY85
Determine that associates are required to sign a Punch Detail or Timecard Report to acknowledge the accuracy
of time reports and records.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-2 Payperiods - Review 2 payrolls. Ensure employees are signing the Punch Detail
Report of their time punches or time card equivalent. This may also be done electronically.
PAY86
Determine that an Earnings Code Report or equivalent is run for each payroll to review the validity of all earnings
codes entered and that all transactions are properly supported and approved.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-2 Payperiods- Review 2 payrolls. Ensure Earnings Code Report or equivalent is run
and reviewed. Should be completed with Payroll Validation sheet.
5/5/2016 1:12:14 PM
18 33
PAY87
Determine that total Gross Sales, Charge Sales, and Tip Reporting amounts reported in payroll are validated
against the POS reports for accuracy and that all sales and charge tips are reported for all associates and
managers.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 2 Payperiods - Review 2 payrolls. Ensure Sales & Tips are reconciled to Micros
reports. Should be completed with Payroll Validation sheet.
PAY88
Is the Payroll Validation spreadsheet completed and properly approved for each payroll.
Yes
No
Did Not
Test
Question Policy
Current -2 Payperiods -Request Payroll Validation spreadsheets from 2 payrolls. Must be
signed and completed.
PAY88a
Yes
No
Did Not
Test
Question Policy
Are the Validation sheets accurate?
PAY89
Determine that employees are signing a Check Distribution Report, confirming their receipt of payroll checks at
the time of issuance. Any checks/stubs not signed for should be sent out after 30 days via certified/return
receipt/ restricted delivery.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-2 Payperiods- Review 2 payrolls. Ensure Employees are signing for their checks. Any
not signed for should be sent out certified/return receipt/restricted and backup retained.
PAY90
Ensure that only approved Incentive programs are in place. Approved incentive programs must have a completed
and authorized Incentive Exception Form on file.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - Review 2 payrolls for any incentives paid. Request backup on calculation of
incentive. Ensure incentives are approved by GM. For any abnormal incentives, request
completed and approved Incentive Exception forms
PAY91
Verify that payroll checks/direct deposit stubs are distributed by the GM at least once every six months, to ensure
that the hotel does not have any "ghost" employees. The GM must sign and date the Check Sign Off Report for
that pay cycle. All associates must present identification and sign for their own check; the only allowable
exception is terminations that occurred within the period and are documented and noted on the check sign off
report. If the terminated associate received their net payroll via direct deposit, no further action required; if the
terminated associate received their net payroll via check, the check must be mailed by certified/return
receipt/restricted delivery. Any direct deposit stubs must also be sent certified/return receipt/restricted delivery.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-Most Recent - Request the last "ghost" audit done. All checks must have evidence
5/5/2016 1:12:14 PM
19 33
they were distributed by the GM only- must be signed and dated by GM. Any checks or stubs
not distributed must be sent certified/return receipt/restricted, and backup retained. Must be
within 6 months.
PAY91a
Comments:
HUMAN RESOURCES
HR92
Determine that each associate has a personnel file and all files are in a secure and locked area at the property.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-10 / As Selected- Review lists of employees, choose 10 employees and request
files. Due to items below, select at least 2 drivers, 2 bartenders, 2 servers.
HR93
Verify that the location is using the scheduling function in the timekeeping system on a regular basis.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - Have staff show the scheduling function and useage.
HR94
Verify that associates have completed all required federal and state tax forms upon hire or re-hire.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -10 / As Selected- Select 10 employees. Ensure all tax forms are completely filled out
and dated prior to hire.
HR95
Determine that new hires and re-hires (if re-hired more than 30 days after their previous termination date) have a
properly completed I-9 form at the time of hire.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 10 / As Selected - Select 10 employees. Ensure i9 form is completely filled out,
5/5/2016 1:12:14 PM
20 33
HR96
Verify that hotel verifies employment eligibility through the eVerify system within three days of the associates hire
date.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -10 / As Selected - Select 10 employees. Have staff prove through Aurico that
employee was run through everify within 3 days of hire.
HR97
Ensure that Associate Handbook Acknowledgement form is signed and filed in each associate's personnel file
upon their hire or re-hire date (if re-hired more than 30 days after their previous termination date).
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 10 / As Selected- Review lists of employees, choose 10 employees and request
proof of signed acknowledgement.
HR98
Verify that the property is obtaining credit and criminal background checks on all persons defined within the
Background Check Policy.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -10 / As Selected- Review lists of employees, choose 10 employees and request
background check proof.
HR99
Verify that the property is obtaining drug screening on all persons defined within the Background Check Policy.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 10 / As Selected -Review lists of employees, choose 10 employees and request
Drug Screening proof.
HR100
Ensure the Key Control and Privacy Policy is signed by each associate.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-10 / As Selected - Review lists of employees, choose 10 employees and check for
Key Control & Privacy Policy form.
HR101
Verify that all required associates have properly completed CARE/TIPS training or equivalent within 30 days of
hire.
5/5/2016 1:12:14 PM
Compliant Not
Did N/A
Compliant Not
Test
21 33
Question Policy
Current -10 / As Selected - Review lists of employees, choose 10 employees and check for
Care/Tips training documentation on any serving alcohol.
HR102
Verify that all required associates have signed the DRAM shop policy statement for alcohol serving.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -10 / As Selected - Review lists of employees, choose 10 employees and check for
DRAM shop policy signed by any employees serving alcohol.
HR103
Ensure management is entering terminations into payroll no later than the business day following the separation.
Review termination forms to confirm that they were properly completed and placed in the associate's personnel
file. Completion includes an explanation of the termination and any appropriate documentation supporting the
termination.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 10 / As Selected -Choose 5 terminated employees. Have staff prove employee
termination was entered into ADP on the business day following separation.
HR104
Verify that the HR Director has reviewed the Unpaid Associate/Inactivity Report and has taken the necessary
actions to resolve any discrepancies on the report on a bi-weekly basis. Note: All reports retained must be signed
and dated, and noted with any actions taken.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 2 Payperiods - Review 2 payrolls. Check for verification of Unpaid
Associates/Inactivity Report review. Must be signed. Should be run as part of the Payroll
Validation sheet.
HR105
Confirm that DMV Checks are conducted at the time of hire, and subsequently as per the SOP. All drivers must be
properly approved.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -10 / As Selected- Review lists of employees, choose 10 employees and check for
DMV Checks on any that drive company vehicles.
HR106
Ensure that all employee gratuity and gifts not considered as De Minimis are appropriately reported and taxed.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- As selected - In course of audit, check in Petty Cash/Managers Checks, etc. for
any employee gifts/gratuity. If any appears, ensure that it has been reported to payroll.
Interview Staff.
5/5/2016 1:12:14 PM
22 33
Comments:
FRONT DESK
FD107
Ensure that a method of payment is established prior to issuing a room key to the guest.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 5 / As Selected - Choose 5 In-House Guests. Have staff prove valid MOP was
received via screenshot, etc. prior to giving guest a key.
FD108
Verify that no personal or business checks are being accepted by the hotel at the front desk.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 5 Days - In course of audit, check deposits for any checks received. Look in front
desk drawers during bank counts also.
FD109
Ensure that cash or travelers check payments are accepted only at check-out. Any Franchise requirements will
supersede this requirement.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 5 Days-In course of audit, check deposits for any checks received. View In-House
guests for MOP.
FD110
Verify that all Paid Outs are supported with guest signature.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Week -5 Days - In 5 Audit Packs, ensure that all Paid Outs have Guest Signature.
FD111
Verify that Due Backs are properly handled and reimbursed by the individual acting as the General Cashier.
5/5/2016 1:12:14 PM
Compliant Not
Did N/A
Compliant Not
Test
23 33
Question Policy
Prior Week-5 Days - In 5 Audit Packs, view deposits for any Due Backs. Interview staff for
procedure.
FD112
Verify that the Daily Housekeeping Balancing Report is completed properly and that all variances are identified
and properly explained on the report.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Week- 5 Days -In 5 Audit Packs, ensure Housekeeping Report is present, verified and
balanced.
FD113
Verify that the Daily Housekeeping Balancing Report is properly supported to include at least copies of the daily
assignment sheets, a full room status detail report printed upon the completion of night audit end of day, and a
PM full room status detail report printed at the end of the housekeeping day.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Week -5 Days - In 5 Audit Packs, ensure Housekeeping Report has backup attached.
FD114
Determine that each guest used Safe Deposit Box has a record cards completed with the applicable information
on the guest, room number and a closed out signature.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current -View Safety Deposit Box files. Ensure cards are correct with original
signature, matching signature to retrieve items, and matching surrender signature and date.
FD115
Verify that all keys are properly logged when issued and returned and that a documented witness is included on
the log.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 5 Days - View Front Desk Key Log. Must have time in/out & witness in/out for all
transactions.
Comments:
5/5/2016 1:12:14 PM
24 33
Ensure that Food inventory is conducted by Executive Chef or Outlet Manager and an independent individual and
Beverage inventory is conducted by Outlet Manager and an independent individual.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Most Recent -View inventories for evidence of individuals that performed them.
Interview staff.
FB117
Ensure food inventory prices updated each period with current distributor prices.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- Most Recent -Review inventories. Request several food invoices from week prior
to the inventory by checking M3. Compare pricing on items invoice vs inventory.
FB118
Ensure beverage inventory prices updated each period with current distributor prices.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Most Recent - Review inventories. Request several liquor invoices from week
prior to the inventory by checking M3. Compare pricing on items invoice vs inventory.
FB119
If the property has a gift/sundry shop, ensure inventory prices updated each period with current distributor prices.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -Most Recent- Review inventories. Request several sundry invoices from week
prior to the inventory by checking M3. Compare pricing on items invoice vs inventory.
FB120
Yes
No
Did
Not
Test
N/A
Not
Compliant
Did
Not
Test
Question Policy
If no PI exists, still compare invoices to current inventory and notate results.
FB120a
Compliant
Question Policy
Current-Current -View current Perpetual Inventory. Spot check to compare PI to actual
inventory. Request several liquor invoices from the last few days. Verify orders received to
5/5/2016 1:12:14 PM
25 33
FB120b
Compliant
Not Compliant
Question Policy
Current- Current- If no PI exists, compare recent invoices to current inventory.
FB121
Ensure the Lounge using an empty bottle for full bottle exchange program.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current- Interview staff, observe.
FB122
Verify bottles properly stamped/stickered uniquely, or as required by local law, upon receipt into inventory.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-Current - Examine bottles in the bar and liquor store room for stickers.
FB123
Does the Property have food & beverage for comp services (i.e. Embassy Suites), where F&B is coded directly to
comp food, superseding the inventory process?
Yes
FB123a
For properties with food & beverage for comp services (i.e. Embassy Suites), where F&B is coded directly to
comp food, superseding the inventory process: Spot check of current received items is accurate.
Compliant
No
Not
Compliant
Did
Not
Test
Question Policy
Current-Current - Request invoices for comp food & liquor from 2 days prior to Audit. Spot
check for items on hand for high dollar food items, and for wine & liquor on hand.
FB124
Verify kitchen is using Key Entre Control Form for high cost food items maintained by the Chef. Verify that the
form is completed and signed daily by the Exec Chef and/or F&B Director and is validated to sold product
recorded in the POS.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - Request Key Entre Control forms from the last few days. Request Micros
reports for per item sales for same days. Check high dollar items (steaks, etc.). Compare to
see if item quantities on hand are reasonable to sales.
FB125
Ensure Beer, Wine & Alcohol control is in place according to SOP. Jiggers or Posi Pours should be used for all
Liquor and Beer and Wine pours should be consistent with the SOP.
5/5/2016 1:12:14 PM
Compliant Not
Did N/A
Compliant Not
Test
26 33
Question Policy
Current- Current - View bartenders at work for jigger and/or posi pour use.
FB126
Ensure the DRAM Shop policy statement is posted within the associate area of all bars including comp and
concierge floor bars.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - View bar areas for DRAM policy postings.
FB127
Ensure that F&B Coupons received by the hotel are voided when redeemed and that no coupons are issued at
the POS.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-Current - From Audit Packs, view used coupons to ensure they are marked as void.
View procedures while in restaurant and bar.
FB128
Ensure all Food items are labled, dated, and properly stored, consistent with the SOP.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-Current -Walk refrigerator/freezer and observe lables.
FB129
Verify that the Restaurant & Lounge use a POS to generate all transactions. Confirm that each customer is given
a receipt for every POS transaction.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current -View procedures, review several restaurant checks from 5 days in Audit
Packs to ensure that no "master" checks are being used.
FB130
Verify that only management staff/MOD can void transactions and that all F&B voids are approved by the F&B
Manager.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - Interview staff, observe.
FB131
Verify that end of month food and beverage credits are calculated in accordance to policies and properly
supported.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month -EOM Reports - View EOM F&B Inventory sheets for credits. Ask staff for backup
5/5/2016 1:12:14 PM
27 33
on all credits.
FB132
Verify that banquet bars are properly requisitioned and consumption calculated and verified to collected/posted
revenue.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Prior Month- 2 Banquet Bars - Select 2 Banquet Bars. View requisition requests and
consumption reports for reasonableness.
Comments:
Ensure that unexpired Certificates of Insurance (COIs) are present for any vendors providing services to the
location. COIs should be filed alphabetically in a binder.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - View COI Binder. Certificates should be current and list hotel as Additional
Insured.
F-S134
Determine that claims by guests or any other individual on the premises are recorded on the proper accident
report, and are communicated to Gallagher Bassett at the time of occurrence (when required).
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current- View Claims File for accident reports. Verify any that needed to be sent to
insurance were.
F-S135
Review the fire equipment inspection file to determine that fire inspections are conducted and documented at
least as frequently as required by the local Fire Code and applicable statutes.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - Review file. Research local fire inspection laws. Ensure that local fire
inspections have been completed.
5/5/2016 1:12:14 PM
28 33
F-S136
Verify that the maintenance of fire apparatus is performed at proper intervals i.e. all Smoke Detectors are
documented as physically checked at least once a quarter. Ensure that the fire exit signs are well maintained
and clearly visible.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current -View Smoke Detector check logs. On property walk, check exit signs.
F-S137
Ensure that the property's Emergency Manual is up to date with current General Manager name and phone
number.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - View Emergency Manual for updated information.
F-S138
Verify that the Atrium Safety Training Program (Safety Source) has been completed for all required associates.
Testing certificates should be on file in the appropriate Department as well as in HR.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current - Request certificate files from HR and department heads. All employees
should have a certificate on file.
F-S139
Determine that the property has a documented fire evacuation plan specific to the property's unique environment
and staffing levels.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current -View Emergency Manual/Evacuation Plan and verify it is not generic and
has specific property information.
F-S140
Ensure that fire drills are conducted and documented on a quarterly basis. Fire Drill documentation should
include the completed Fire Drill Critique Form.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- 2 Fire Drills- View evidence of the last 2 fire drills. Should be quarterly and recorded
on the Fire Drill Critique Form.
F-S141
Determine that the hotel staff is aware of OSHA regulations, and that all required OSHA postings are current and
visible to employees. Is OSHA Log Present?
Yes
No
Did Not
Test
Question Policy
Current-Current - Ensure OSHA log is being kept and is posted if between Feb 1 and April 30.
5/5/2016 1:12:14 PM
29 33
F-S141a
If the date is between Feb 1 - April 30, OSHA log should be posted.
OSHA
Log is
Posted
OSHA
N/A- Date
log is not is not
posted
between
Feb 1 April 30
Question Policy
Current -Current -Ensure OSHA log is being kept and is posted if between Feb 1 and April 30.
F-S142
Verify that SDS (Safety Data Sheets) are current and maintained in the appropriate areas with chemicals
present.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current -During property walk, ensure SDS books are present in any areas with
chemicals.
F-S143
Ensure that all vehicle registrations and insurance documents are current.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current- Current - Ask staff for current vehicle registration and insurance.
F-S144
Verify that Shuttle Usage Logs and Daily Inspection Logs are being completed on a regular basis.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current -View shuttle usage logs for reasonableness. Should be used daily. View
Daily Inspection Logs.
F-S145
Determine that the leased vehicle Fuel Card is secured and controlled to ensure that it is not used
inappropriately (e.g., for personal expenses). Verify that fuel purchases are made by authorized fuel card users.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current -Current -Interview staff on procedures for vehicle fuel cards. View most recent
invoices for reasonableness. Are receipts retained ? Are there missing receipts?
F-S146
Verify that an inventory of all keys, electronic and hard, has been established. Verify that a physical inventory of
all keys is performed and documented at least once per year.
Compliant Not
Did N/A
Compliant Not
Test
Question Policy
Current-Current - View key inventory. Interview staff on procedures.
5/5/2016 1:12:14 PM
30 33
Comments:
PCI COMPLIANCE
PCI147
Confirm the property uses an approved Vendor for record retention and storage. Review the property
document storage logs for the past year to ensure documents are sent to storage, logged effectively to
facilitate ease of future retrieval, stored according to Atrium Record Retention Policy & purged at appropriate
dates.
Compliant
Not
Did
Compliant Not
Test
N/A
Question Policy
Last 12 months- Last 12 Months -Interview Staff. View log. Should have copies of transmittals
for boxes sent to storage.
PCI148
Confirm the property employs due care with regard to the storage, transmission & processing of credit card
transactions. Inquire with the GM and department heads to determine if there have been any breaches in
cardholder information and data. Confirm that all breaches or notifications of inquiries regarding possible
breaches are immediately communicated to the Atrium Corporate office.
Compliant
Not
Did
Compliant Not
Test
N/A
Question Policy
Current -Current - Interview Staff. While auditing, observe processes.
PCI149
Verify that any credit cards physically left at the property are secured and handled as per Atrium policy.
Compliant Not
Did N/A - No
Compliant Not Physical
Test Cards on
Property
Question Policy
Current -Current - Interview Staff. Are any credit cards present in safe?
PCI150
Verify that credit card authorization forms are secured from access by anyone without a need for credit card
information or non-associates. Best practice is for only accounting to control the access and security of
these forms.
Compliant
Not
Did
Compliant Not
Test
N/A
Compliant
Not
Did
Compliant Not
Test
N/A
Question Policy
Current- Current - Property Walk - view area for storage. Is it locked?
PCI151
Verify that the first 12 digits of the credit card number on credit card authorization forms are rendered
unreadable. Unreadable means that the credit card number can not be legible in any way. Note: First 6 and
last 4 visible is acceptable.
Question Policy
Current- Current -In storage area, select 10 random cc auth forms. Are card numbers
truncated?
5/5/2016 1:12:14 PM
31 33
PCI152
Verify that the first 12 digits of the credit card number on credit card retrieval request and chargeback notices
are rendered unreadable. Note: First 6 and last 4 visible is acceptable.
Compliant
Not
Did
Compliant Not
Test
N/A
Question Policy
Current -Current - View Chargeback file. Ensure no full credit card numbers are visible
anywhere in file.
PCI153
Verify that credit card data is not stored within systems that deemed Non PCI Compliant i.e. Sales Pro,
desktop computers, etc.
Compliant
Not
Did
Compliant Not
Test
N/A
Compliant
Not
Did
Compliant Not
Test
N/A
Not
Did
Compliant Not
Test
N/A
Not
Did
Compliant Not
Test
N/A
Not
Did
Compliant Not
Test
N/A
Question Policy
Current- Current - Interview Staff.
PCI154
Verify that copies of credit cards are not solicited and are destroyed when received unsolicited unless an
exception is approved in writing from the VP of Finance. When an exception is approved the cardholder
information must be secured and rendered unreadable as previously defined. This includes those properties
in which taxing authorities have explicitly stated the requirement of credit card copies.
Question Policy
Current- Current -Observe during audit. Interview Staff. View tax exempt files.
PCI155
Ensure that the credit card CVV number is not copied, retained, or solicited in any media format i.e.
electronic or paper.
Compliant
Question Policy
Current -Current -Observe during audit. Interview Staff. View tax exempt files.
PCI156
Ensure that no personal guest identity identification is retained or copied such as driver's license, employee
badge cards, passports, etc. except in the case of approved tax exempt documentation in states that deem it
necessary to prove tax exempt status.
Compliant
Question Policy
Current-Current -Observe during audit. Interview Staff. View tax exempt files.
PCI157
Ensure that no generic user logins are in use or established within any system in which credit card
transactions occur or credit card data resides.
Compliant
Question Policy
Current -Current -Get user list from PMS, Micros and credit card gateway to verify no generic
logins.
5/5/2016 1:12:14 PM
32 33
PCI158
Ensure that only current employees have system access codes and that the access code are based on
employee job requirements. This includes the PMS, POS, Key Card, M3, ADP, and any other critical system.
Compliant
Not
Did
Compliant Not
Test
N/A
Question Policy
Current -Current - Get user list from PMS, Micros, credit card gateway, Key Card machine and
compare to current employee list.
Comments:
ADDITIONAL OBSERVATIONS
AO159
AO160
Additional Observation:
AO160a
AO161
Additional Observation:
AP161a
AO162
Additional Observation:
AO162a
AO163
Yes
No
Yes
No
Yes
No
Yes
No
Comments:
5/5/2016 1:12:14 PM
33 33