Financial Management Service: Significant Weaknesses in Computer Controls.

Abstract

The pervasive weaknesses we identified in FMS' computer controls at each of its data centers during our fiscal year 1998 audit renders FMS' overall security control environment ineffective in identifying, deterring, and responding to computer control weaknesses in a timely manner. Our follow-up on the status of FMS' corrective actions to address weaknesses identified in our fiscal year 1997 audit found that FMS had only corrected or mitigated the risks associated with 24 of 72 computer control weaknesses discussed in our "Limited Official Use report issued on July 31, 1998. During the fiscal year 1998 audit, we found new general computer control weaknesses in entitywide security planning and management, access controls, system software, and application software development and change controls. We also identified weaknesses in the authorization controls over all six of the key FMS financial applications we reviewed. In addition, we identified an accuracy control weakness over one of the six key FMS financial applications and a completeness control weakness over another one of the six key FMS financial applications.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 1999
Accession Number
ADA368865

Entities

Organizations

  • United States Government Accountability Office

Tags

DTIC Thesaurus Topics

  • Application Software
  • Computer Network Security
  • Computer Programming
  • Computer Programs
  • Computer Security Software
  • Computers
  • Cybersecurity
  • Data Centers
  • Financial Management
  • Information Systems
  • Operating Systems
  • Reliability
  • Security
  • Security Personnel
  • Software Development
  • System Software
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Defense Financial Management and Audit.
  • Systems Analysis and Design