Review of Data Entry and General Controls in the Collecting and Reporting of the Iraq Relief and Reconstruction Fund

Abstract

In November 2005, we initiated this audit to determine whether policies, procedures, and internal controls established by U.S. government organizations ensure valid and reliable data for management of over 13,000 Iraq Relief and Reconstruction Fund (IRRF) projects with a total value of $18.4 billion. To improve overall management of IRRF projects and funds and to improve the reporting to Congress and the other senior U.S. decision makers, the development of an information technology (IT) management reporting system was initiated by the Project and Contracting Office (PCO) in mid-2004. By mid-2005 the IT system was only partially operational and was not being utilized by all of the agencies receiving IRRF funds. In September 2005, the U.S. Army Corps of Engineers, Gulf Region Division (GRD) and PCO officials briefed the Iraq Reconstruction Management Office (IRMO) Director on a recommended solution requiring consolidation of information from multiple data sources into a single database. The proposed integrated U.S. government IT solution was named the Iraq Reconstruction Management System (IRMS). GRD-PCO1 is responsible for maintaining the operational and security aspects of IRMS. Ensuring the security and integrity of the data in the computer systems that support critical operations and decision making has never been more important because of concerns about attacks from individuals and groups with malicious intent, including terrorists. These concerns are well founded for a number of reasons, including the dramatic increase in reported computer security incidents, the ease of obtaining and using hacking tools, and the steady advance in the sophistication and effectiveness of attack technology.

Document Details

Document Type

Technical Report

Publication Date

Apr 28, 2006

Accession Number

ADA517165

Entities

Tags