Financial Audit: Panama Canal Commission's Management Letter for FY 1994

AIMD-95-104ML Published: Mar 31, 1995. Publicly Released: Mar 31, 1995.

Highlights

GAO reviewed the Panama Canal Commission's (PCC) general controls over its computer information systems and identified ways to strengthen PCC computer security. GAO noted that: (1) there are nonmaterial weaknesses in PCC computer information systems that warrant management's attention; (2) PCC needs to improve its implementation of access control software to better utilize available capabilities in the areas of user passwords, terminal access, and data protection; (3) PCC needs to strengthen control over its management information systems (MIS) by ensuring the segregation of duties and centralizing responsibility for MIS security; and (4) PCC needs to develop formal MIS security policies and procedures, document the MIS controls environment and personnel position descriptions, and develop better computer security training programs.

Full Report

Full Report (10 pages)

Office of Public Affairs

Chuck Young

Managing Director

youngc1@gao.gov

(202) 512-4800

Topics

Auditing and Financial Management

Access controlAccounting proceduresComputer securityComputer protection softwareFinancial managementFinancial statement auditsIndependent agenciesInformation systemsInternal controlsManagement information systemsPasswordsPosition descriptionsSecurity policiesSoftware