About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-07-899R 1 (2007-06-14)

handle is hein.gao/gaocrptavmc0001 and id is 1 raw text is: S=GAO Accountability * Integrity * Reliability United States Government Accountability Office Washington, DC 20548 June 14, 2007 The Honorable Van Zeck Commissioner, Bureau of the Public Debt Subject: Bureau of the Public Debt: Areas for Improvement in Information Security Controls Dear Mr. Zeck: In connection with fulfilling our requirement to audit the financial statements of the U.S. government,' we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2006 and 2005.2 As part of these audits, we performed a review of the general and application information security controls over key BPD financial systems. In our audit report on the Schedules of Federal Debt for the fiscal years ended September 30, 2006 and 2005, we concluded that BPD maintained, in all material respects, effective internal control relevant to the Schedule of Federal Debt related to financial reporting and compliance with applicable laws and regulations as of September 30, 2006, that provided reasonable assurance that misstatements, losses, or noncompliance material in relation to the Schedule of Federal Debt would be prevented or detected on a timely basis. We found matters involving information security controls that we do not consider to be reportable conditions3 but that nevertheless warrant BPD management's attention and action. BPD mitigated the potential effect of such issues with physical security measures, a program of monitoring user and system activity, and compensating management and reconciliation controls. This report presents the issues identified during our fiscal year 2006 testing of the general and application information security controls that support key BPD automated financial systems relevant to BPD's Schedule of Federal Debt. This report also includes the results of our follow-up on the status of BPD's corrective actions to '31 U.S.C. § 331(e). 2GAO, Financial Audit: Bureau of the Public Debt's Fiscal Years 2006 and 2005 Schedules of Federal Debt, GAO-07-127 (Washington, D.C.: Nov. 7, 2006). 3Reportable conditions are matters coming to our attention that, in our judgment, should be communicated because they represent significant deficiencies in the design or operation of internal control, which could adversely affect the organization's ability to meet the objectives of reliable financial reporting and compliance with applicable laws and regulations. GAO-07-899R Information Security Controls at BPD Page 1

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most