Management Report:
Areas for Improvement in the Bureau of the Fiscal Service's Information Systems Controls
GAO-16-655R: Published: Jul 28, 2016. Publicly Released: Jul 28, 2016.
Additional Materials:
- Full Report:
- Accessible Version:
Contact:
(202) 512-3406
simpsondb@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
What GAO Found
During GAO's audit of the Schedules of Federal Debt Managed by the Department of the Treasury’s Bureau of the Fiscal Service (Fiscal Service) for the fiscal years ended September 30, 2015, and 2014, GAO identified control deficiencies relating to information systems controls relevant to the Schedule of Federal Debt that it does not consider individually or collectively to be material weaknesses or significant deficiencies. GAO identified eight new deficiencies in information systems controls over key Fiscal Service financial systems relevant to the Schedule of Federal Debt. These control deficiencies related to security management, access controls, configuration management, and segregation of duties. In a separately issued Limited Official Use Only report, GAO communicated to Fiscal Service management detailed information regarding the eight new information systems general control deficiencies and made eight recommendations to address these control deficiencies.
In addition, during GAO’s follow-up on the status of Fiscal Service’s corrective actions to address information systems control-related deficiencies and associated recommendations contained in GAO’s prior years’ reports that were open as of September 30, 2014, GAO determined that corrective actions were complete for 12 of the 14 open recommendations and that corrective actions were in progress for the 2 remaining open recommendations related to security management and access controls. In the Limited Official Use Only report, GAO communicated detailed information regarding actions taken by Fiscal Service to address the control deficiencies related to the open recommendations.
These new and continuing control deficiencies (1) limit management’s ability to determine whether controls are adequate to address security risks and meet the security requirements of information systems and (2) increase the risk of inadequate or missing controls over information systems; unauthorized access to, modification of, or disclosure of sensitive data and programs; unauthorized changes to critical system resources; and disruption of critical operations, and therefore warrant the attention and action of management. The potential effect of these new and continuing control deficiencies on the Schedule of Federal Debt financial reporting for fiscal year 2015 was mitigated primarily by Fiscal Service’s compensating management and reconciliation controls designed to detect potential misstatements on the Schedule on Federal Debt.
Why GAO Did This Study
GAO is required to audit the consolidated financial statements of the U.S. government. Because of the significance of the federal debt held by the public to the government-wide financial statements, GAO audits Fiscal Service’s Schedules of Federal Debt annually. As part of these audits, GAO performs a review of information systems controls over key Fiscal Service financial systems relevant to the Schedule of Federal Debt.
This report presents the deficiencies identified during GAO’s fiscal year 2015 testing of information systems controls over key Fiscal Service financial systems relevant to the Schedule of Federal Debt. This report also includes the results of GAO’s fiscal year 2015 follow-up on the status of Fiscal Service’s corrective actions to address information systems control-related deficiencies and associated recommendations contained in GAO’s prior years’ reports that were open as of September 30, 2014.
What GAO Recommends
In a separately issued Limited Official Use Only report, GAO made eight recommendations to address the eight new information systems general control deficiencies related to security management, access controls, configuration management, and segregation of duties. In commenting on a draft of the separately issued Limited Official Use Only report, the Commissioner of the Bureau of the Fiscal Service stated that subsequent to September 30, 2015, Fiscal Service had taken steps to remediate the two findings that remained from GAO’s prior years’ audits and had actions planned or under way to address the eight new recommendations made in this year’s report. GAO plans to follow up to determine the status of corrective actions taken on these matters during its audit of the fiscal year 2016 Schedule of Federal Debt.
For more information, contact Dawn B. Simpson at (202) 512-3406 or simpsondb@gao.gov.
Nov 4, 2016
-
Inspectors General:
Improvements to IG Oversight Needed for Architect of the Capitol OperationsGAO-17-25: Published: Nov 4, 2016. Publicly Released: Nov 4, 2016.
Oct 28, 2016
-
U.S. Capitol Grounds Concerts:
Improvements Needed in Management Approval Controls over Certain PaymentsGAO-17-44: Published: Oct 25, 2016. Publicly Released: Oct 28, 2016.
Aug 19, 2016
-
DOD Financial Management:
Improvements Needed in the Navy's Audit Readiness Efforts for Fund Balance with TreasuryGAO-16-47: Published: Aug 19, 2016. Publicly Released: Aug 19, 2016.
Aug 12, 2016
-
Congressional Award Foundation:
Review of the Audit of the Financial Statements for Fiscal Year 2015GAO-16-754R: Published: Aug 12, 2016. Publicly Released: Aug 12, 2016.
Jul 29, 2016
-
DATA ACT:
Improvements Needed in Reviewing Agency Implementation Plans and Monitoring ProgressGAO-16-698: Published: Jul 29, 2016. Publicly Released: Jul 29, 2016.
Jul 28, 2016
-
Financial Management Systems:
HUD Needs to Address Management and Governance Weaknesses That Jeopardize Its Modernization EffortsGAO-16-656: Published: Jul 28, 2016. Publicly Released: Jul 28, 2016. -
Management Report:
Areas for Improvement in the Bureau of the Fiscal Service's Information Systems ControlsGAO-16-655R: Published: Jul 28, 2016. Publicly Released: Jul 28, 2016.
Jul 13, 2016
-
Management Report:
Improvements Needed in Controls over the Processes Used to Prepare the U.S. Consolidated Financial StatementsGAO-16-621: Published: Jul 13, 2016. Publicly Released: Jul 13, 2016.
Jul 11, 2016
-
Improper Payments:
CFO Act Agencies Need to Improve Efforts to Address Compliance IssuesGAO-16-554: Published: Jun 30, 2016. Publicly Released: Jul 11, 2016.
Jun 13, 2016
-
Management Report:
Improvements Needed in CFPB's Internal Controls and Accounting ProceduresGAO-16-522R: Published: Jun 13, 2016. Publicly Released: Jun 13, 2016.
Looking for more? Browse all our products here