This is the accessible text file for GAO report number GAO-04-624R entitled 'Responses to Posthearing Questions Related to GAO's Testimony on the U.S. Government's Consolidated Financial Statements for Fiscal Year 2003' which was released on April 30, 2004. This text file was formatted by the U.S. General Accounting Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. April 30, 2004: The Honorable Todd R. Platts: Chairman: Subcommittee on Government Efficiency and Financial Management: Committee on Government Reform: House of Representatives: Subject:Responses to Posthearing Questions Related to GAO's Testimony on the U.S. Government's Consolidated Financial Statements for Fiscal Year 2003: Dear Mr. Chairman: On March 3, 2004, I testified before your subcommittee at a hearing on our report on the U.S. government's consolidated financial statements for fiscal year 2003.[Footnote 1] This letter responds to your questions related to our testimony and to subsequent questions from the Vice Chairman that you asked us to answer for the record. Questions from Chairman Platts: 1. Do you think that the Department of Homeland Security (DHS) has adequate resources to meet the November 15 financial reporting deadline for fiscal year 2004? During his March 10, 2004, testimony before your subcommittee, DHS's chief financial officer (CFO) expressed satisfaction with the current level of accounting staff in his office and in the department's bureaus but indicated that additional staff may be needed in the future. In DHS's fiscal year 2003 Performance and Accountability Report, however, DHS's independent financial statement auditor reported that one of the agency's seven material weaknesses was related to financial management and personnel.[Footnote 2] Specifically, the auditor reported that DHS's Office of the Chief Financial Officer (OCFO) "has not hired or contracted qualified personnel to properly perform financial reporting functions of an executive branch department CFO's office." The fact that DHS's independent auditor listed financial management and personnel as a material weakness and recommended that OCFO hire or contract for additional accounting personnel who possess complementary technical accounting skills suggests that additional resources may be needed as DHS continues to address the transformation of its financial systems and reporting. 2. Is there a time frame for GAO's review of whether it would be cost- beneficial to require an opinion on internal control in conjunction with federal agencies' Yellow Book audits? As we discuss in further detail later in this letter, we believe that requiring opinions on internal control over financial reporting (including safeguarding of assets) and compliance with relevant laws and regulations for CFO Act agencies and DHS is a reasonable and necessary step to evaluate and to inform the public as to whether agencies have sufficient financial reporting systems and controls in place. As discussed later in our response to Vice Chairman Blackburn's question 2, the Sarbanes-Oxley Act of 2002 requires such reporting for public companies. In this regard, 3 of the 23 CFO Act agencies[Footnote 3] already receive auditor opinions on their internal control.[Footnote 4] Importantly, in our view, extending any requirement for opinions on internal control over financial reporting to all federal agencies and Yellow Book financial statement audits would not pass a cost/benefit test. The first step is for management to conduct an assessment of its internal control. The agency head would communicate the results of this assessment in a written statement, or an assertion, and would express an overall conclusion as to the effectiveness of the controls in providing reasonable assurance that the objectives are achieved. The auditor, as part of the financial statement audit, would then provide audit assurance on the agency head's assertion and on the effectiveness of internal control. This audit assurance would be provided following generally accepted government audit standards. In this regard, at the federal level with the 1982 passage of the Federal Managers' Financial Integrity Act (FIA), the Congress required agency management to continually assess and report annually to the President as to whether the agency's system of internal control meets the Comptroller General's Standards for Internal Control in the Federal Government.[Footnote 5] The responsibility for assuring the adequacy of internal control rests with management and not the auditor. As envisioned by the Congress when it enacted FIA more than 20 years ago, the auditor though must play an important role in evaluating management's efforts to carry out the letter and intent of the act. Reporting on the adequacy of internal control would help the inspectors general in carrying out their role under FIA. It is also important to note that underlying the Sarbanes-Oxley Act requirement for the auditor to provide an opinion on internal control is a requirement of public company's management to assert as to the effectiveness of its system of internal control. If agency management has made a proper ongoing assessment of its system of internal control and is meeting its obligation under FIA, then the additional work needed by federal auditors in providing an opinion on management's assertion and on the effectiveness of an agency's system of internal control would be minimized. As you know, the Yellow Book applies to a wide range of entities that vary greatly in both size and complexity. GAO is currently developing guidance for use in considering whether and under what circumstances an auditor's opinion on an entity's internal control is appropriate and cost-beneficial for non-CFO Act federal agencies and certain state and local governments that receive financial audits under the Yellow Book.[Footnote 6] We hope to have the guidance out in draft form later this year, at which time we will request comments from all constituencies involved. The guidance will provide a framework for government entities, and those who oversee those entities, to use when considering whether an auditor's opinion on internal control would be beneficial. Questions from Vice-Chairman Blackburn, Submitted on March 10, 2004: 1. If agencies were fully compliant with FFMIA, what effect would that have on their financial statements and on their internal controls? The Federal Financial Management Improvement Act of 1996 (FFMIA)[Footnote 7] builds on the foundation laid by the CFO Act[Footnote 8] by emphasizing the need for agencies to have financial management systems that can generate reliable, timely, and useful information with which to make informed decisions and to ensure accountability on an ongoing basis. FFMIA requires that the departments and agencies covered by the CFO Act implement and maintain financial management systems that comply substantially with (1) federal financial management systems requirements, (2) applicable federal accounting standards, and (3) the U.S. government Standard General Ledger at the transaction level. As the Office of Management and Budget (OMB) discussed in its January 2001 guidance on FFMIA,[Footnote 9] agencies that are substantially compliant with FFMIA can prepare financial statements and other required financial and budget reports using information generated by their financial management systems. Agencies that do not have modern, integrated financial management systems[Footnote 10] typically must expend major effort and resources to develop information that their systems should be able to provide on a daily or other recurring basis. For example, the auditor for the Department of Health and Human Services (HHS) reported in November 2003 that systems and internal control weaknesses, such as lack of an integrated financial management system, continued to make it difficult for certain HHS operating divisions to prepare timely and reliable financial statements. The National Institutes of Health (NIH) financial system, for example, was not designed for financial reporting purposes and has not fully adopted the U.S. government Standard General Ledger. As a result, NIH must spend an inordinate amount of time consolidating and adjusting its numerous institutes' and centers' trial balances to prepare financial statements. For fiscal year 2003, this process generated about 1,900 nonstandard accounting entries with a value of about $14.2 billion. Accurate and timely recording of financial information is key to successful financial management and to being in substantial compliance with FFMIA. Timely recording of transactions can facilitate accurate reporting in agencies' financial reports and other management reports that are used to guide managerial decision making. The Comptroller General's Standards for Internal Control in the Federal Government[Footnote 11] states that transactions should be promptly recorded to maintain their relevance and value to management in controlling operations and making decisions. Systems that do not require timely recording of transactions during the fiscal year can result in agencies making substantial efforts at fiscal year-end that are susceptible to error and increase the risk of misstatements. For example, the auditor for the U.S. Agency for International Development (AID) reported for fiscal year 2003 that AID lacked an adequate system or process to recognize its worldwide accounts receivable in a timely manner and had to rely on a Web-based collection tool to determine year-end accounts receivable amounts. What is important here is that the information was not available on an ongoing basis for day-to-day management. Being substantially compliant with FFMIA means that a federal agency's financial management systems as a whole substantially comply with the three requirements mentioned earlier. Internal control is embodied in these three requirements. At the same time, internal control comprises much more than substantial compliance with FFMIA. Internal control is an integral component of an organization's management that provides reasonable assurance that the following objectives are being achieved: (1) effectiveness and efficiency of operations, (2) reliability of financial reporting, and (3) compliance with applicable laws and regulations. Internal control should be an integral part of each system that management uses to regulate and guide operations, including, but not limited to, financial management systems. 2. What additional reforms would be needed to ensure that agencies have sufficient financial systems and adequate internal controls? Over the past two plus decades, the Congress has enacted a series of management reform laws to improve the accountability and effectiveness of government programs. We believe that, in conjunction with the annual financial statement audits of the CFO Act agencies and DHS, the next logical steps are (1) for these agencies to report annually on management's assessment of the effectiveness of agency internal control over financial reporting (including safeguarding of assets) and compliance with relevant laws and regulations and (2) to require auditor opinions on both management's assessment and on the effectiveness of agencies' internal control over financial reporting (including safeguarding of assets) and compliance with relevant laws and regulations. We believe that the legislative framework in place provides the foundation for moving to this next step. The Congress passed the Federal Managers' Financial Integrity Act of 1982 (FIA) (now codified at 31 U.S.C. 3512(c), (d)) to strengthen internal control and accounting systems throughout the federal government. In the 1980s and 1990s, the Congress passed additional management reform legislation to improve the general and financial management of the federal government. The combination of reforms ushered in by (1) the Single Audit Act of 1984 and the Single Audit Act Amendments of 1996,[Footnote 12] (2) the Prompt Payment Act,[Footnote 13] (3) the CFO Act, (4) the Government Performance and Results Act of 1993,[Footnote 14] (5) the Government Management Reform Act of 1994,[Footnote 15] (6) FFMIA, (7) the Clinger- Cohen Act of 1996,[Footnote 16] (8) the Debt Collection Act of 1982[Footnote 17] and the Debt Collection Improvement Act of 1996,[Footnote 18] and (9) the Accountability of Tax Dollars Act of 2002,[Footnote 19] if successfully implemented, provides a basis for improving accountability and effectiveness of government programs and operations and routinely producing valuable cost and operating performance information, thereby making it possible to better assess and improve the government's effectiveness, financial condition, and operating performance. In the private sector, the Sarbanes-Oxley Act of 2002 requires principal executive officers and financial officers of public companies to certify their conclusions about internal control effectiveness.[Footnote 20] Auditing Standard No. 2, issued by the Public Company Accounting Oversight Board (PCAOB)[Footnote 21] in response to the requirements of the Sarbanes-Oxley Act of 2002, requires auditors of U.S. publicly traded companies to (1) report on the scope of internal control testing that was performed as part of the audit, (2) issue an opinion on whether management's assessment of the effectiveness of the company's internal control is fairly stated, and (3) issue an opinion on the effectiveness of the company's internal control.[Footnote 22] We believe that requiring auditor opinions on both the effectiveness of CFO Act agencies' and DHS's internal control and management's assessment of the effectiveness of those controls in appropriate circumstances would help the Congress assess the impact and the effectiveness of existing reform legislation and help target agencies' efforts in improving financial reporting systems and controls. Requiring officials of CFO Act agencies and DHS to certify their assessment of the effectiveness of agency internal control and requiring auditor opinions on both management's assessment and on the effectiveness of internal control are reasonable and necessary steps to evaluate whether agencies have sufficient financial reporting systems and internal controls in place. With these requirements, CFO Act agencies and DHS would operate with the same accountability and transparency related to internal control that the Congress requires for publicly traded companies. As discussed earlier in this letter, 3 of the 23 CFO Act agencies already receive auditor opinions on their internal control. In GAO's efforts to lead by example, as the Comptroller General of the United States, I annually report my assessment of the effectiveness of GAO's internal control over financial reporting (including safeguarding of assets) and compliance with relevant laws in our Performance and Accountability Report, and our independent auditors opine on the adequacy of internal control in conjunction with their audit of GAO's financial statements. As previously discussed, there are already statutory requirements for agencies to evaluate the effectiveness and report annually to the President on their assessment of the effectiveness of internal control. If agency management has done a proper assessment, we believe that the additional work needed to issue an opinion on management's assessment and the effectiveness of internal control as part of the financial statement audits should not be significant. We believe that a requirement for auditor opinions on management's assessment and the effectiveness of internal control as part of the financial statement audit is necessary and appropriate for CFO Act agencies and DHS. These measures should move the departments and agencies closer to the objectives of adequate financial systems and internal control to safeguard and manage the resources entrusted to them by the American people. 3. In your opinion, does FFMIA need improvements? In what areas and how should they be done? Our reports on FFMIA assessments since fiscal year 2000 have highlighted that auditors are providing negative assurance on agencies' compliance with FFMIA as called for in OMB Bulletin No. 01-02, Audit Requirements for Federal Financial Statements.[Footnote 23] As I testified before this subcommittee on March 3, 2004,[Footnote 24] for fiscal year 2003, 6 of the 23 CFO Act agency auditors reported that the results of tests disclosed no instances in which the agencies' systems did not substantially comply with FFMIA. These auditors did not definitively state whether the agencies' financial management systems substantially complied with FFMIA, as required by the law. This distinction is important. The auditors for these agencies reported in accordance with OMB Bulletin No. 01-02, which does not require the auditors to make a definitive statement as to an agency's financial management systems' substantial compliance with FFMIA. Rather than requiring such a definitive statement, the OMB bulletin permits auditors to report negative assurance. With negative assurance, auditors are not saying that they determined the systems to be substantially compliant. If readers of the audit report do not understand the distinction between negative and positive assurance, they may have a false impression that the agency's financial management systems have been fully tested and found to be substantially compliant with FFMIA. To provide positive assurance, or an opinion on an agency's financial management systems' substantial compliance with FFMIA, auditors will need to consider many aspects of financial management systems beyond those applicable to rendering an opinion on the financial statements. We believe that providing positive assurance and performing the work required to support such a statement are consistent with the language and intent of FFMIA. OMB's revised FFMIA implementation guidance,[Footnote 25] issued in January 2001, has also raised concerns related to the meaning of substantial compliance. Auditors for many of the CFO Act agencies are concerned about the ambiguity in this guidance, particularly the lack of a clear definition of substantial compliance. Until this term is clarified in OMB's guidance, the CFO and audit communities believe that the interpretation and application of the guidance will remain inconsistent throughout the federal government. To compel agency auditors to report in accordance with the law and to address issues concerning the definition of substantial compliance, we have recommended that OMB enhance its audit guidance related to FFMIA assessments. Specifically, we recommended that OMB (1) require agency auditors to provide a statement of positive assurance as to an agency's financial management systems' substantial compliance with FFMIA and (2) clarify the definition of substantial compliance. In its comments on our most recent FFMIA report,[Footnote 26] OMB disagreed with our recommendation that it require agency auditors to provide such a statement of positive assurance and stated that it would consider our recommendation concerning clarification of the definition of substantial compliance in the context of any future policy and guidance updates. OMB stated that, in its view, positive assurance does not measure the quality or usefulness of the financial information. We agree with OMB that the ultimate measure of whether an agency has good financial management systems is its ability to routinely provide reliable, useful, and timely financial information, not just at year- end or for financial statements, so that federal leaders will be better positioned to invest resources, reduce costs, and oversee programs. Agency systems' compliance with federal financial management systems requirements, applicable accounting standards, and the U.S. government Standard General Ledger are building blocks to help achieve this goal. At the same time, providing positive assurance, as the law requires, means that auditors must independently validate and report unequivocally whether financial management systems substantially comply with FFMIA requirements and provide a basis for achieving the end goal of routinely providing reliable, useful, and timely financial information. The Accountability of Tax Dollars Act of 2002 extended the requirement to prepare and submit audited financial statements to most executive agencies not subject to the CFO Act, including the Department of Homeland Security, unless exempted by OMB. However, the act does not require that these agencies have systems that are compliant with FFMIA. Extending the coverage of FFMIA to these agencies' financial management systems could help ensure that these systems achieve the objective of routinely providing reliable, useful, and timely financial information. 4. What actions do you recommend that would produce financial statements that accurately reflect the federal government's assets and liabilities? Presently, there are three major impediments to producing financial statements that accurately reflect the federal government's assets and liabilities that should be addressed. These major impediments are (1) serious financial management problems at the Department of Defense (DOD), (2) the federal government's inability to fully account for and reconcile transactions between federal government entities, and (3) the federal government's ineffective process for preparing the consolidated financial statements. In addition, improved clarity and transparency are needed in federal financial reporting. In the past, we have made hundreds of recommendations related to financial management and financial systems issues across government. Given the significance of DOD's activities and balances to the consolidated financial statements, until DOD improves its financial and business management systems, processes, and controls, the consolidated financial statements will not accurately reflect the federal government's assets, liabilities, and costs. The Secretary of Defense has included improving DOD's financial management as one of his top 10 priorities, and the department has taken a number of actions under its Business Management Modernization Program, including development in April 2003 of an initial business enterprise architecture to guide operational and technological changes.[Footnote 27] DOD is currently working to refine and implement that architecture and expects to issue new versions of it during 2004 and 2005. Only through major transformation, which will take time and sustained leadership and persistent attention from top management, will DOD be able to meet the mandate of the CFO Act and achieve the President's Management Agenda goal of improved financial performance. In my recent testimony on further actions needed by DOD to achieve successful financial management and business transformation, I reiterated the keys to successful business transformation and made two suggestions for legislative action: (1) that a senior management position be established to spearhead and integrate DOD-wide business transformation efforts and (2) that the leaders of DOD's functional areas, as opposed to the military services, receive and control system investment resources.[Footnote 28] I offered these suggestions for legislative consideration to improve the likelihood of meaningful, broad-based reform in financial management and related business at DOD. To address its long-standing problems with intragovernmental exchange transactions between federal agencies, OMB issued business rules in 2002 to transform and standardize intragovernmental ordering and billing, and Treasury provided federal agencies with quarterly detailed trading partner information during fiscal year 2003 to help them better perform their trading partner reconciliations. In addition, the federal government began a three-phase Intragovernmental Transactions e-gov project to define a governmentwide data architecture and provide a single source of detailed trading partner data. We have recommended that OMB (1) develop policies and procedures that document how it will enforce business rules provided in OMB Memorandum M-03-01, Business Rules for Intragovernmental Transactions,[Footnote 29] and (2) require that significant differences noted between business partners be resolved and the resolution documented.[Footnote 30] Resolving the intragovernmental transactions problem remains a difficult challenge and will require a commitment by the CFO Act agencies and continued strong leadership by OMB. To ensure that the consolidated financial statements are consistent with the underlying audited agency financial statements, balanced, and in conformity with U.S. generally accepted accounting principles, Treasury is developing a new system and procedures to prepare the consolidated financial statements for fiscal year 2004. According to Treasury officials, these actions are intended to, among other things, directly link information from federal agencies' audited financial statements to amounts reported in the consolidated financial statements. Without this direct link, the information in the consolidated financial statements may not be reliable. In October 2003, we provided many recommendations to Treasury to improve its process and correct the internal control weaknesses related to preparing the consolidated financial statements.[Footnote 31] Resolving issues surrounding preparing the consolidated financial statements will require continued strong leadership by Treasury management. Proper accounting and reporting practices are essential in the public sector. Services provided by the federal government--homeland security, national defense, Social Security, mail delivery, and food inspection, to name a few--directly affect the well-being of almost every American. Sound decisions about the future direction of vital federal programs and policies are made more difficult, however, without timely, accurate, and useful financial and performance information. Current financial reporting does not clearly and transparently show the wide range of responsibilities, programs, and activities that may either obligate the federal government to future spending or create an expectation for such spending and provides an unrealistic and even misleading picture of the federal government's overall performance and financial condition. Few agencies adequately show the results they are getting with the taxpayer dollars they spend. In addition, significant federal government commitments and obligations, such as Social Security and Medicare, are not fully and consistently disclosed in the federal government's financial statements and budget, and current federal financial reporting standards do not require such disclosure. The Federal Accounting Standards Advisory Board has a liabilities project under way to define liabilities and specify the definition's application to social insurance programs. Subsequently, the board will consider recognition, measurement, and display of social insurance obligations. I am providing copies of this letter to the Ranking Minority Member and Vice Chairman of your subcommittee. This letter is also available on GAO's Web site at www.gao.gov. If you or your staff have questions about the responses to your questions, please contact me at (202) 512-5500 or Gary T. Engel, Director, at (202) 512-3406 or engelg@gao.gov. Sincerely yours, Signed by: David M. Walker: Comptroller General of the United States: (198253): FOOTNOTES [1] U.S. General Accounting Office, Fiscal Year 2003 U.S. Government Financial Statements: Sustained Improvement in Federal Financial Management Is Crucial to Addressing Our Nation's Future Fiscal Challenges, GAO-04-477T (Washington, D.C.: Mar. 3, 2004). The fiscal year 2003 Financial Report of the United States Government, issued by the Department of the Treasury on February 27, 2004, is available through GAO's Web site at www.gao.gov and Treasury's Web site at www.fms.treas.gov/fr/index.html. [2] A material weakness is a reportable condition in which the design or operation of one or more internal controls do not reduce to a relatively low level the risk that losses, noncompliance, or misstatements in amounts that would be material in relation to the financial statements may occur and not be detected within a timely period by employees in the normal course of their assigned duties. [3] 31 U.S.C. 901(b) (2000). The Federal Emergency Management Agency (FEMA) was transferred to the new Department of Homeland Security (DHS) effective March 1, 2003. With this transfer, FEMA was no longer required to prepare and have audited stand-alone financial statements under the CFO Act, leaving 23 CFO Act agencies. DHS, along with most other executive branch agencies, is required to prepare and have audited financial statements under the Accountability of Tax Dollars Act of 2002, Pub. L. No. 107-289, 116 Stat. 2049. [4] The Social Security Administration and the Nuclear Regulatory Commission received unqualified opinions on their internal control over financial reporting as of September 30, 2003. The General Services Administration received an opinion on its internal control over financial reporting as of September 30, 2003, that was qualified for material weaknesses related to lack of reconciliation controls and control weaknesses that arose as a consequence of new systems implementation. [5] U.S. General Accounting Office, Standards for Internal Control in the Federal Government, GAO/AIMD-00-21.3.1 (Washington, D.C.: Nov. 1, 1999). [6] U.S. General Accounting Office, Government Auditing Standards, 2003 Revision, GAO-03-637G (Washington, D.C.: June 2003) (commonly referred to as the Yellow Book). [7] Pub. L. No. 104-208, div. A, § 101(f), title VIII, 110 Stat. 3009- 389. [8] Pub. L. No. 101-576, 104 Stat. 2838 (1990). [9] Memorandum from Joshua Gotbaum, executive associate director and controller of OMB, to heads of executive departments and establishments, chief financial officers, and inspectors general, "Revised Implementation Guidance for the Federal Financial Management Improvement Act" (Washington, D.C.: Jan. 4, 2001). [10] According to federal financial systems requirements, integrated financial management systems provide effective and efficient interrelationships between software, hardware, personnel, procedures, controls, and data contained within the system. Integrated systems share common data elements, transaction processing, and consistent internal control. Data needed to support financial functions should be entered only once. [11] GAO/AIMD-00-21.3.1. [12] 31 U.S.C. § 7501 et seq. [13] 31 U.S.C. § 3901 et seq. (2000). [14] Pub. L. No. 103-62, 107 Stat. 285. [15] Pub. L. No. 103-356, 108 Stat. 3410. [16] Pub. L. No. 104-106, divs. D, E, 110 Stat. 679. [17] Pub. L. No. 97-365, 96 Stat. 1749. [18] Pub. L. No. 104-134, § 31001, 110 Stat. 1321, 1321-358. [19] Pub. L. No. 107-289, 116 Stat. 2049. [20] Pub. L. No. 107-204, § 302,116 Stat. 745, 777. [21] PCAOB is a private, nonprofit corporation created by the Sarbanes- Oxley Act of 2002 to oversee the auditors of public companies to protect the interests of investors and further public interest in the preparation of informative, fair, and independent audit reports. [22] Public Company Accounting Oversight Board, Release 2004-001, Auditing Standard No. 2, An Audit of Internal Control over Financial Reporting Performed in Conjunction with an Audit of Financial Statements (Mar. 9, 2003). [23] Office of Management and Budget, Bulletin No. 01-02, Audit Requirements for Federal Financial Statements (Washington, D.C.: Oct. 16, 2000). [24] U.S. General Accounting Office, Fiscal Year 2003 U.S. Government Financial Statements: Sustained Improvement in Federal Financial Management Is Crucial to Addressing Our Nation's Future Fiscal Challenges, GAO-04-477T (Washington, D.C.: Mar. 3, 2004). [25] OMB, "Revised Implementation Guidance for the Federal Financial Management Improvement Act." [26] U.S. General Accounting Office, Financial Management: Sustained Efforts Needed to Achieve FFMIA Accountability, GAO-03-1062 (Washington, D.C.: Sept. 30, 2003). [27] See U.S. General Accounting Office, Business Systems Modernization: Summary of GAO's Assessment of the Department of Defense's Initial Business Enterprise Architecture, GAO-03-877R (Washington, D.C.: July 7, 2003). [28] U.S. General Accounting Office, Department of Defense: Further Actions Needed to Establish and Implement a Framework for Successful Financial and Business Management Transformation, GAO-04-551T (Washington, D.C.: Mar. 23, 2004). [29] Office of Management and Budget, Business Rules for Intragovernmental Transactions (Washington, D.C.: Oct. 4, 2002). [30] U.S. General Accounting Office, Process for Preparing the Consolidated Financial Statements Needs Improvement, GAO-04-45 (Washington, D.C.: Oct. 30, 2003). [31] In October 2003, we issued a report based on prior consolidated financial statement audits that discusses in greater detail weaknesses in financial reporting procedures and internal control over the process for preparing the consolidated financial statements. We made 44 recommendations that address weaknesses identified and 16 recommendations that address consolidated financial statement disclosures required by U.S. generally accepted accounting principles. See GAO-04-45.