Financial Management Service: Significant Weaknesses in Computer Controls

During the fiscal year 1999 testing of the effectiveness of FMS general and application controls, GAO followed up on the status of the FMS corrective actions to address vulnerabilities identified in its audits for fiscal years 1998 and 1997. GAO found that, at September 30, 1999, FMS had corrected or mitigated the risks associated with 52 of the 94 weaknesses that were identified in this report. FMS officials have informed us that it has taken further actions to correct or mitigate the risks associated with another 23 weaknesses and that it will continue to take actions to correct the remaining weaknesses. GAO is closing this recommendation because the remaining outstanding actions to correct weaknesses identified in this report have been included in GAO's report on fiscal year 1999 testing results issued in September 2000.

FRB officials have informed FMS that it has corrected or plans to correct the computer control vulnerabilities that were identified at the FRB related to FMS systems. Based on the FRBs proactive approach in addressing vulnerabilities identified in prior years, GAO considers this recommendation closed. GAO will follow up on these matters during its ongoing audit of the federal government's fiscal year 2000 financial statements.