About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-08-836R 1 (2008-06-16)

handle is hein.gao/gaocrptawtx0001 and id is 1 raw text is: Siai Accountability * Integrity * Reliability United States Government Accountability Office Washington, DC 20548 June 16, 2008 Louise L. Roseman, Director Division of Reserve Bank Operations and Payment Systems Board of Governors of the Federal Reserve System Subject: Federal Reserve Banks: Areas for Improvement in Information Security Controls Dear Ms. Roseman: In connection with fulfilling our requirement to audit the financial statements of the U.S. government,' we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2007 and 2006.2 As part of these audits, we performed a review of the general and application information security controls over key financial systems maintained and operated by the Federal Reserve Banks (FRBs) on behalf of the Department of the Treasury's BPD relevant to the Schedule of Federal Debt. In our audit report on the Schedules of Federal Debt for the fiscal years ended September 30, 2007 and 2006, we concluded that BPD maintained, in all material respects, effective internal control relevant to the Schedule of Federal Debt related to financial reporting and compliance with applicable laws and regulations as of September 30, 2007, that provided reasonable assurance that misstatements, losses, or noncompliance material in relation to the Schedule of Federal Debt would be prevented or detected on a timely basis. However, we found matters involving information security controls that we do not consider to be significant deficiencies. As it relates to controls over financial reporting and compliance with applicable laws and regulations, the potential effect of such control deficiencies was mitigated by the '31 U.S.C. § 331(e). 2GAO, Financial Audit: Bureau of the Public Debt's Fiscal Years 2007 and 2006 Schedules of Federal Debt, GAO-08-168 (Washington, D.C.: Nov. 7, 2007). 3A significant deficiency is a control deficiency, or combination of control deficiencies, that adversely affects the entity's ability to initiate, authorize, record, process, or report financial data reliably in accordance with U.S. generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the entity's financial statements that is more than inconsequential will not be prevented or detected. A control deficiency exists when the design or operation of a control does not allow management or employees in the normal course of performing their assigned functions to prevent or detect misstatements on a timely basis. GAO-08-836R Information Security Controls at FRBs Page 1

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most