Skip to main content

Department of Commerce's Second-Year Efforts To Implement the Federal Managers' Financial Integrity Act

RCED-86-21 Published: Nov 05, 1985. Publicly Released: Nov 05, 1985.
Jump To:
Skip to Highlights

Highlights

GAO reviewed the Department of Commerce's second-year implementation of the Federal Managers' Financial Integrity Act and assessed: (1) Commerce's progress in implementing actions to correct internal control weaknesses and in improving its internal control evaluation process; (2) Commerce's progress in correcting accounting systems' areas of nonconformance with the Comptroller General's principles and standards and in improving its evaluation of accounting systems; and (3) the reasonableness of the Secretary's annual report on internal controls and accounting systems.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Commerce The Secretary of Commerce should direct the Assistant Secretary for Administration to revise Commerce's segmentation guidelines to specify criteria for determining when automatic data processing (ADP) should be considered a separate assessable unit.
Closed – Implemented
Commerce drafted guidance which contained specific criteria for segmenting assessable units containing major ADP activities and reviewing Commerce's major ADP sites. Commerce issued this guidance in February 1987.
Department of Commerce The Secretary of Commerce should direct the Assistant Secretary for Administration to require managers to identify specific risks and controls associated with their activities on their vulnerability assessment forms.
Closed – Implemented
Revised Office of Management and Budget (OMB) Circular A-123 now permits either a vulnerability assessment or an alternative procedure which will identify potential risks in operations. Commerce opted to use the alternative procedure involving common review criteria within each bureau to come up with a numerical ranking. Criteria for managers to identify risks was issued by May 1987.
Department of Commerce The Secretary of Commerce should direct the Assistant Secretary for Administration to require that managers, in determining a numerical average for their vulnerability, weigh identified risks according to their importance to the assessed unit.
Closed – Implemented
The criteria Commerce issued in May 1987 included a vulnerability assessment form to help managers identify risk according to their importance to the assessed unit.
Department of Commerce The Secretary of Commerce should direct the Assistant Secretary for Administration to provide criteria for evaluating ADP activities, data center operations, data origination, input, and processing.
Closed – Implemented
Commerce has obtained a computerized system to conduct risk assessments of its ADP facility. Commerce annually conducts evaluations of ADP facilities.
Department of Commerce The Secretary of Commerce should direct the Assistant Secretary for Administration to ensure that her staff, or the Office of the Inspector General's staff or bureau internal control staffs, provide necessary assistance to internal control review (ICR) teams by evaluating the completeness of the risks and controls identified by the teams.
Closed – Implemented
In order to ensure compliance of Commerce's June 1985 revised guidelines chapter on conducting ICR, departmental internal control staff were directed to meet with all bureau coordinators to reiterate that ICR teams need to receive appropriate technical assistance. Commerce will monitor bureau progress on ICR to ensure that assistance is provided.
Department of Commerce The Secretary of Commerce should direct the Assistant Secretary for Administration to ensure that her staff, or the Office of the Inspector General's staff or bureau internal control staffs, provide necessary assistance to ICR teams by evaluating their plans to test controls before the controls are actually tested.
Closed – Implemented
In June 1985, Commerce revised guidelines on conducting ICR to require that ICR team leaders seek guidance from the Department at three stages of the review to ensure that the appropriate event cycle is identified and selected, all major risks, control objectives, and techniques are identified, and appropriate testing is planned and conducted.
Department of Commerce The Secretary of Commerce should not report that the Department's accounting systems are in conformance with the Comptroller General's requirements until they have been adequately evaluated in operation.
Closed – Implemented
Commerce's position is that its reviews provide reasonable assurance that the accounting systems, taken as a whole, meet GAO principles, standards, and related requirements. Commerce evaluated systems according to revised guidelines and believes that it has a sound basis for stating that its systems comply with CG principles and standards.
Department of Commerce The Secretary of Commerce should ensure that Commerce bureaus test their accounting systems to determine operational conformance with the Comptroller General's principles, standards, and related requirements. Specifically, testing should include determining whether valid transactions are processed in accordance with applicable requirements and whether the system reacts appropriately to invalid transactions.
Closed – Implemented
Commerce's Conference Review Handbook was revised in January 1986 to include, among other things, guidelines on testing systems as outlined in appendix H of OMB Guidelines for Evaluating Financial Management/Accounting Systems. OMB testing procedures will be a required part of the review process.

Full Report

Office of Public Affairs

Topics

Accounting systemsFraudInternal auditsInternal controlsMaterialityProgram abusesProgram evaluationReporting requirementsCensusQuality assurance