Financial Management Service

Significant Weaknesses in Computer Controls Continue Gao ID: GAO-02-317 January 31, 2002

The Financial Management Service's (FMS) overall security control environment continues to be ineffective in identifying, deterring, and responding to computer control weaknesses promptly. Consequently, billions of dollars of payments and collections are at significant risk of loss or fraud, sensitive data are at risk of inappropriate disclosure, and critical computer-based operations are vulnerable to serious disruptions. During its fiscal year 2000 audit, GAO found new general computer control weaknesses in the entity-wide security management program, access controls, and system software. GAO also identified new weaknesses in the authorization and completeness controls over one key FMS financial application. GAO's follow-up on the status of FMS's corrective actions to address weaknesses discussed in its fiscal year 1999 report found that, as of September 30, 2000, FMS had corrected or mitigated the risks associated with 35 of the 61 computer control weaknesses discussed in that report. To assist FMS management in addressing its computer control weaknesses, GAO made four overall recommendations in this public report.

Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.

Director: Team: Phone:


The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.