Skip to main content

Federal Reserve Banks: Areas for Improvement in Computer Controls

AIMD-99-280 Published: Sep 15, 1999. Publicly Released: Sep 15, 1999.
Jump To:
Skip to Highlights

Highlights

Pursuant to a legislative requirement, GAO: (1) followed-up on the status of the Federal Reserve Banks' (FRB) corrective actions to address vulnerabilities identified in GAO's fiscal year (FY) 1997 financial statement audit; and (2) reviewed the general and application controls that support key Financial Management Service (FMS) and Bureau of the Public Debt (BPD) automated financial systems maintained and operated by the FRBs.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Board of Governors The Chairman of the Board of Governors of the Federal Reserve System should: (1) assign cognizant FRB officials responsibility and accountability for taking specific actions to correct each of the individual vulnerabilities that were identified during GAO's testing and summarized in the "Limited Official Use" version of this report; and (2) direct the Director of the Division of the Reserve Bank Operations and Payment Systems to monitor the status of all vulnerabilities, including actions taken to correct them.
Closed – Implemented
During GAO's fiscal year 1999 tests of the effectiveness of general and application controls that support key FMS and BPD automated financial systems, it followed up on the status of the FRB's corrective actions to address vulnerabilities identified in GAO's audits for fiscal years 1998 and 1997. GAO found that the FRBs had corrected or mitigated the risks associated with 19 of the 30 general and application control vulnerabilities discussed in prior reports. In commenting on a draft of GAO's fiscal year 1999 report, the Board of Governors of the Federal Reserve System stated that it has corrected or will correct most of the vulnerabilities identified in the report and will study the others before developing and implementing corrective actions. GAO is closing this recommendation because the remaining outstanding actions to correct vulnerabilities identified in this report have been included in the report on fiscal year 1999 testing results issued in May 2000. GAO will follow up on these matters during its ongoing audit of the federal government's fiscal year 2000 financial statements.

Full Report

Topics

AuthorizationComputer resourcesFederal agency accounting systemsFederal reserve banksFinancial management systemsFinancial statement auditsInternal controlsSoftwareSystem softwareData centers