Skip to main content

Federal Information System Controls Audit Manual

Jump To:

Overview

The Federal Information System Controls Audit Manual (FISCAM) is a joint effort between GAO and the Council of the Inspectors General on Integrity and Efficiency (CIGIE). FISCAM presents a methodology for assessing information system controls in accordance with generally accepted government auditing standards (GAGAS), also known as the Yellow Book. Information system controls are internal controls that depend on processing performed by information systems using information technology (e.g., computers and networks). These include user controls, application controls, and general controls. 

The FISCAM methodology is designed to be used primarily on federal financial audits in conjunction with the GAO and Council of the Inspectors General on Integrity and Efficiency’s (CIGIE) Financial Audit Manual (FAM). FISCAM may also be used for attestation engagements and performance audits to assess the effectiveness of information system controls.

How to Access FISCAM

You may download the full manual in PDF format or Word format. FISCAM supersedes previously issued versions and is effective beginning with fiscal year and calendar year 2026 audits of federal entity financial statements. The 2026 revision of FISCAM is effective for attestation engagements and performance audits beginning on or after October 1, 2026.

View the Current FISCAM

Download the FISCAM in Word: [DOCX]

Revisions

The current revision of FISCAM reflects changes in relevant auditing standards, guidance, control criteria, and technology since the last revision in September 2024. The revisions are primarily based on changes in (1) Standards for Internal Control in the Federal Government issued on May 15, 2025 and (2) the GAO/CIGIE Financial Audit Manual, Volume 1 issued on June 29, 2026.

Users should also consider any subsequently issued standards and guidance.

For the superseded versions, see FISCAM archives [ZIP]
 

Supplemental Material

Download the FISCAM framework in Excel: [XLSX]
Download the FISCAM framework crosswalk in Excel: [XLSX]
 

Resources

GAO Contacts

For technical or practice questions regarding the FISCAM, please e-mail FISCAM@gao.gov or contact Dawn B. Simpson at SimpsonDB@gao.gov.