Management and Internal Control Program
FMFIA requires agencies to establish internal control and financial systems that provide reasonable assurance that the three objectives of internal control are achieved:
FMFIA requires that the head of the agency, based on evaluation, provide an annual Statement of Assurance on whether the agency has met these requirements. OMB Circular A-123, Management’s Responsibility for Internal Control, implements FMFIA and defines management’s responsibility for internal controls in federal agencies. FMFIA also requires agencies to establish internal controls over their programs, financial reporting and financial management systems. To help meet the requirements of FMFIA, GSA conducts internal control reviews of Agency programs to ensure that internal controls are identified, documented, tested and evaluated, and that weaknesses are corrected in a timely and effective manner. Management also has in place an effective audit follow-up system to ensure that audit findings are responded to in a timely and effective manner, and corrective action plans are implemented. In addition to these activities, GSA managers provide assurance on the effectiveness of the internal controls over operations, management systems and financial reporting for FY 2009 with consideration to all internal and external reviews of the Agency.
In FY 2009, GSA continued to strengthen management practices and internal controls to assure the integrity of its programs, operations, and business and financial management systems. GSA has fully embraced as the foundation of effective management operations and continues to meet the requirements of:
During this fiscal year, GSA management emphasized the need to coordinate and leverage reviews and evaluations to reduce redundancy. This coordinated and risk-based effort achieved benefits by leveraging existing core competencies, reducing duplicative reviews, increasing compliance with all applicable laws and regulations, and reducing the internal control review burden on all GSA programs and operations.
GSA continued to make significant strides in addressing its information technology (IT) significant deficiency, “Strengthen Segregation of Duties, Account Management, and Activity Monitoring Controls.” Additional actions will be taken to work toward remediation of this condition during FY 2010. Improvements were also achieved with respect to conducting system control reviews, improving financial systems integration for financial management systems and strengthening compliance with FISMA requirements.
For example, beginning in FY 2009, the Procurement Management Review (PMR) team collaborated with the Office of the Chief Financial Officer’s (OCFO) A-123 Internal Control Review team to simultaneously conduct the financial and acquisition reviews in several regions. A portion of PMR review efforts assessed the effectiveness of the specific control deficiencies identified by GSA’s external auditors, and PMR reviews evolved from comprehensive compliance-based reviews to risk-based reviews of procurement controls. By analyzing activities from an acquisition and financial perspective, GSA addressed control issues that involved both financial and acquisition functions. As these reviews are completed, all review results are presented to management, through the GSA Management Control and Oversight Committee and the Senior Assessment Team, as the basis for determining management assurances. Deficiencies identified through the PMR reviews are tracked through a database application and monitored for timely resolution.
GSA has made significant progress in validating balances in its budgetary accounts. Although vast improvement has been made in resolving unfilled customer orders and unliquidated obligations, incidences of invalid amounts in the Public Buildings Service (PBS) still remain. Improvement of these processes continues, and management is monitoring corrective actions. Accordingly, GSA can provide reasonable assurance that its internal controls over financial reporting are operating effectively, and no material weakness exists in the design or operation of internal control over financial reporting.
GSA was authorized $5.9 billion from the Recovery Act. Due to increased Agency spending, GSA has developed and implemented risk assessments and internal controls methodologies to ensure Recovery Act funds are awarded and distributed in a prompt, fair and reasonable manner. Moreover, GSA is ensuring that use of all Recovery Act funds is transparent to the public, and public benefits of these funds are reported clearly, accurately and in a timely manner.