Federal Reserve Banks: Areas for Improvement in Computer Controls

During GAO's fiscal year 1999 tests of the effectiveness of general and application controls that support key FMS and BPD automated financial systems, it followed up on the status of the FRB's corrective actions to address vulnerabilities identified in GAO's audits for fiscal years 1998 and 1997. GAO found that the FRBs had corrected or mitigated the risks associated with 19 of the 30 general and application control vulnerabilities discussed in prior reports. In commenting on a draft of GAO's fiscal year 1999 report, the Board of Governors of the Federal Reserve System stated that it has corrected or will correct most of the vulnerabilities identified in the report and will study the others before developing and implementing corrective actions. GAO is closing this recommendation because the remaining outstanding actions to correct vulnerabilities identified in this report have been included in the report on fiscal year 1999 testing results issued in May 2000. GAO will follow up on these matters during its ongoing audit of the federal government's fiscal year 2000 financial statements.