Information Security: Corps of Engineers Making Improvements, But Weaknesses Continue
Abstract
In connection with our requirement to audit the annual U.S. government consolidated financial statements and in support of the Army Audit Agency's audit of the financial statements of the U.S. Army Corps of Engineers, Civil Works, GAO tested selected general and application controls over the Corps of Engineers Financial Management System (CEFMS). The U.S. Army Corps of Engineers relies on CEFMS to perform key financial management functions supporting the Corps' military and civil works missions. GAO previously reported (for fiscal year 1999) on general and application control weaknesses that placed CEFMS at significant risk of unauthorized disclosure and modification of sensitive data and programs, misuse or damage to computer resources, or disruption of critical operations. For the current engagement, our objective was to evaluate the design and test the effectiveness of selected Corps general and application computer controls over CEFMS for fiscal year 2001. In doing so, we also assessed the corrective actions taken by the Corps to address the weaknesses that we identified during our fiscal year 1999 review. This report also includes a summary (based on work led by the Army Audit Agency) of general control weaknesses associated with Corps entitywide security management and service continuity.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 01, 2002
- Accession Number
- ADA402616
Entities
Organizations
- United States Government Accountability Office