About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-10-517R 1 (2010-03-26)

handle is hein.gao/gaobaanrq0001 and id is 1 raw text is: ~G A 0 .EEEEEtAccountability , ntcqrity 'Refahility United States Government Accountability Office Washington, DC 20548 March 26, 2010 The Honorable Van Zeck Commissioner Bureau of the Public Debt Subject: Bureau of the Public Debt: Areas for Improvement in Information Security Controls Dear Mr. Zeck: In connection with fulfilling our requirement to audit the financial statements of the U.S. government,' we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2009 and 2008.2 As part of these audits, we performed a review of the general and application information security controls over key BPD financial systems. As we reported in connection with our audit of the Schedules of Federal Debt for the fiscal years ended September 30, 2009 and 2008, we concluded that BPD maintained, in all material respects, effective internal control over financial reporting relevant to the Schedule of Federal Debt as of September 30, 2009, that provided reasonable assurance that misstatements, losses, or noncompliance material in relation to the Schedule of Federal Debt would be prevented or detected and corrected on a timely basis. However, we identified information security deficiencies affecting internal control over financial reporting, which, while we do not consider them to be collectively either a material weakness or significant deficiency, nevertheless warrant BPD management's attention and action. This report presents the control deficiencies we identified during our fiscal year 2009 testing of the general and application information security controls that support key '31 U.S.C. § 331(e). 2GAO, Financial Audit: Bureau of the Public Debts Fiscal Years 2009 and 2008 Schedules of Federal Debt, GAO-10-88 (Washington, D.C.: Nov. 10, 2009). 3A significant deficiency is a deficiency, or combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance. A material weakness is a deficiency, or a combination of deficiencies, in internal control such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected on a timely basis. A deficiency in internal control exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct misstatements on a timely basis. GAO-10-517R Information Security Controls at BPD Page 1

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most