Shows & Panels
Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- American Readiness: Renewable Power and Efficiency Technologies
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal News Radio's National Cyber Security Awareness Month Special Panel Discussion
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- The New Generation of Database
- Reimagining the Next Generation of Government
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
DoD IG finds audits at DISA fall short of government standards
Monday - 8/13/2012, 5:39am EDT
Internal auditors at the Defense Information Systems Agency have significant problems with meeting the federal government's standards — significant enough to cause the Pentagon's own audit agency to issue a grade of "fail" in a recent review.
The findings come from the audit policy and oversight branch of the Defense Department's inspector general, which examined several of DISA's recent internal audits and interviewed staff. The DoD IG reported the agency's audit organization failed in several respects to comply with both its own auditor's manual and the governmentwide Generally Accepted Government Auditing Standards (GAGAS) often known as the "yellow book."
"The significant deficiencies identified do not provide DISA IG management with reasonable assurance of performing and reporting in conformity with GAGAS in all material aspects. Accordingly, as a result of the significant deficiencies … we are issuing a fail opinion on the DISA IG audit organization's system of quality control," the DoD IG's office wrote in a letter last week to Air Force Lt. Gen. Ronnie Hawkins, DISA's director.
The DoD IG report made public Friday did not call out any specific or glaring inaccuracies in the work DISA's auditors had performed and does not accuse the agency as a whole of mismanaging resources. Indeed, DISA is one of a relative handful of DoD components to have successfully put its financial statements to the scrutiny of outside auditors and come out with a clean opinion.
Rather, it focused on the quality controls that internal government auditors are supposed to have in place in order to ensure they get things right when they reach their conclusions. It found in several cases that DISA's IG does not.
In some cases, staff members were inadequately trained on government accounting standards or the agency's training materials themselves were lacking. In others, the DISA IG's audit organization lacked "professional judgment," the DoD IG found.
"We determined that the DISA IG audit organization did not exercise professional judgment due to the array of noncompliances found in the majority of auditing standards areas including quality control and assurance, supervision, evidence, documentation, reporting, independence, planning and the use and application of GAGAS," auditors wrote.
For instance, audit staff were inadequately supervised. The review found no evidence that supervisors ever reviewed the detailed fieldwork of audit staff before they included information in a final report.
In another example, the DoD IG found DISA's auditors didn't gather sufficient evidence before reaching conclusions. The agency's audit staff was trying to determine whether DISA was complying with acquisition regulations that require the military to register and track purchases of all items according to their Individually Unique Item Identification code (IUID).
"For the IUID audit, 93 percent of the testing results for the second finding were not supported by sufficient and appropriate documentation," the report found.
The DoD IG made five recommendations for improvement. DISA's Inspector General, Kristopher Miltner, agreed with each of them.
DISA, he wrote will make several changes, including:
- Providing in-house training on governmentwide accounting standards
- Adding details about tracking of continuing education requirements to its auditor's handbook
- Ensuring it performs annual reviews of its quality control procedures
- Reevaluating its 180-day goal for completing audits, which the DoD IG suggested could be overly ambitious and might be a factor leading to some of the "yellow book" shortfalls.
This story is part of Federal News Radio's daily DoD Report. For more defense news, click here.