Federal Reserve Banks:

Areas for Improvement in Computer Controls

GAO-02-266R: Published: Dec 10, 2001. Publicly Released: Dec 10, 2001.

Additional Materials:


Gary T. Engel
(202) 512-8815


Office of Public Affairs
(202) 512-4800

As part of its audit of the U.S. government's fiscal year 2000 financial statements, GAO reviewed computer controls over key financial systems maintained and operated by the Federal Reserve Banks (FRB) on behalf of the Department of the Treasury's Financial Management Service (FMS) and the Bureau of the Public Debt (BPD). GAO identified opportunities to improve general controls related to access at two data centers; access, system software, and service continuity at a third data center; and access and system software at a fourth data center. GAO also identified opportunities to improve authorization controls over four key applications and accuracy controls over one of these key applications. FRB had corrected or mitigated the risks associated with all vulnerabilities discussed in earlier GAO reports. Although the general and application controls identified do not pose significant risks to the FMS and BPD financial systems, they warrant action to decrease the risk of inappropriate disclosure and modification of sensitive data and programs, misuse of or damage to computer resources, and disruption of critical operations.

Recommendation for Executive Action

  1. Status: Closed - Implemented

    Comments: GAO's follow-up on the status of the FRBs' corrective actions to address the vulnerabilities identified in this report found that the FRB had corrected or mitigated the risks associated with 25 of the 29 general and application control vulnerabilities, and are in the process of addressing the remaining four. GAO will follow up on these matters during its audit of the U.S. government's fiscal year 2002 financial statements.

    Recommendation: The Director of the Federal Reserve System's Division of Federal Reserve Bank Operations should assign to cognizant FRB officials responsibility and accountability for correcting each vulnerability that GAO identified and for addressing each of the specific recommendations detailed in the enclosure to that letter.

    Agency Affected: Federal Reserve System: Board of Governors: Division of Reserve Bank Operations and Payment Systems


Explore the full database of GAO's Open Recommendations »

Sep 4, 2020

Jul 21, 2020

Jul 6, 2020

Apr 30, 2020

  • finance icon, source: Comstock

    Priority Open Recommendations:

    Department of the Treasury
    GAO-20-549PR: Published: Apr 23, 2020. Publicly Released: Apr 30, 2020.

Apr 27, 2020

Apr 21, 2020

Apr 20, 2020

Jan 24, 2020

Looking for more? Browse all our products here