Federal Reserve Banks: Areas for Improvement in Information Systems Controls
In connection with fulfilling our requirement to audit the financial statements of the U.S. government, we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2010 and 2009. As part of these audits, we performed a review of information systems controls over key financial systems maintained and operated by the Federal Reserve Banks (FRB) on behalf of the Department of the Treasury's (Treasury) BPD relevant to the Schedule of Federal Debt. As we reported in connection with our audit of the Schedules of Federal Debt for the fiscal years ended September 30, 2010 and 2009, we concluded that BPD maintained, in all material respects, effective internal control over financial reporting relevant to the Schedule of Federal Debt as of September 30, 2010, that provided reasonable assurance that misstatements, losses, or noncompliance material in relation to the Schedule of Federal Debt would be prevented, or detected and corrected on a timely basis. However, we identified information systems deficiencies affecting internal control over financial reporting, which, while we do not consider them to be collectively either a material weakness or significant deficiency, nevertheless warrant FRB management's attention and action. This report presents a control deficiency we identified during our fiscal year 2010 testing of information systems controls over key financial systems maintained and operated by the FRBs relevant to BPD's Schedule of Federal Debt. This report also includes the results of our follow-up on the status of FRB's corrective actions to address information systems control-related recommendations contained in our prior years' reports and open as of September 30, 2009. In a separately issued Limited Official Use Only report, we communicated detailed information regarding our findings to FRB management.
Recommendations for Executive Action
|Division of Reserve Bank Operations and Payment Systems||The Director of Reserve Bank Operations and Payment Systems should direct the appropriate FRB officials to implement the new detailed recommendation presented in the separately issued Limited Official Use Only report.||
In connection with our audits of the fiscal years 2013 and 2012 Schedules of Federal Debt, we reviewed the status of actions taken to address the open information systems control recommendations at the Federal Reserve Banks (FRB) identified during our prior years' audits. During GAO's follow-up on the status of FRB's corrective actions to address information systems control-related deficiencies and associated recommendations contained in GAO's prior years' reports that were open as of September 30, 2012, GAO determined that corrective action has been implemented for the recommendation issued to the FRB in connection with the audit of the fiscal year 2010 Schedule of Federal Debt.