Summary of Security Control Audits of DoD Finance and Accounting Systems
Abstract
Congress emphasized the importance of developing and maintaining controls to protect Federal information and information systems in its 2001 Defense Authorization Act. The Act requires DoD to develop a cost-effective security control program that continually assesses risk, is tested and evaluated periodically, and is approved by the Director, Office of Management and Budget. The General Accounting Office has also emphasized the importance of information system security controls, as well as financial management, by placing both of these issues on its 2001 list of Government-wide high-risk areas. The Defense Finance and Accounting Service is responsible for financial management in DoD and processes payments for about 5.4 million military, civilians, retirees, and annuitants; 14.4 million invoices; and 5.4 million travel payments. The Defense Information Systems Agency provides computer services to the Defense Finance and Accounting Service and processes finance and accounting data on 47 critical finance and accounting systems at 5 computer centers containing 60 large computers. The Inspector General, DoD, issued 28 audit reports from March 1994 through February 2001 that addressed the effectiveness of security controls over DoD financial data. The 28 reports identified weaknesses in controls over DoD finance and accounting systems.
Document Details
- Document Type
- Technical Report
- Publication Date
- Nov 07, 2001
- Accession Number
- ADA396551
Entities
Organizations
- Office of the Inspector General, U.S. Department of Defense