A new audit report released by the Treasury Department’s Office of Inspector General (OIG) has found deficiencies in the agency’s IT controls related to cash management and federal debt information systems.
The audit report – dated Dec. 30, 2020, and covering Fiscal Years 2019 and 2020 – says most of the IT problems were found in the agency’s cash management systems, including nine unresolved or new issues with that management system. The audit also provides an update on how the Internal Revenue Service (IRS) is doing on modernizing its IT systems during the coronavirus pandemic.
“The Bureau of the Fiscal Service (Fiscal Service) relies on many information systems to manage government-wide cash and the federal debt. Fiscal Service made progress towards remediating prior-year information system control deficiencies,” the report says. “However, Fiscal Service had unresolved and newly identified control deficiencies related to its general information technology controls over the government-wide cash and federal debt information systems.”
Among the shortfalls noted in the cash management system, the OIG audit cites that Fiscal Service “did not provide reasonable assurance” that accounts were reviewed for compliance purposes, that systems were safe from unauthorized changes or losses, and that any potential security liabilities were investigated and fixed or addressed in a timely manner.
While Fiscal Service is doing comparatively better at taking corrective actions on the Federal debt information systems side, the audit still found cases where corrective actions did not go far enough to address vulnerabilities. The audit says that further details and recommendations will be provided to management at a later date.
The report does give IRS credit for IT improvements and modernization undertaken in FY2020. IRS was able to save $6 million in “technical refresh costs” by migrating an HR system to the cloud, and also retired a legacy statistical analysis system used by the Office of Tax Policy, the OIG report says.
“While operating in a pandemic environment, Treasury remains focused on improving cyber and organizational preparedness despite ongoing resource limitations,” the report says.