Financial Management: FFMIA Implementation Necessary to Achieve  
Accountability (01-OCT-02, GAO-03-31).				 
                                                                 
The ability to produce the data needed to efficiently and	 
effectively manage the day-to-day operations of the federal	 
government and provide accountability to taxpayers has been a	 
long-standing challenge at most federal agencies. To help address
this challenge, the Federal Financial Management Improvement Act 
of 1996 (FFMIA) requires the 24 Chief Financial Officers Act	 
agencies to implement and maintain financial management systems  
that comply substantially with (1) federal system requirements,  
(2) federal accounting standards, and (3) the U.S. Government	 
Standard General Ledger (SGL). FFMIA also requires GAO to report 
annually on the implementation of the act.			 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-03-31						        
    ACCNO:   A05219						        
  TITLE:     Financial Management: FFMIA Implementation Necessary to  
Achieve Accountability						 
     DATE:   10/01/2002 
  SUBJECT:   Financial management				 
	     Financial management systems			 
	     Reporting requirements				 
	     Federal agencies					 
	     Performance measures				 
	     Accountability					 
	     Noncompliance					 

                                                                 
Financial Management: FFMIA Implementation Necessary to Achieve  
Accountability (01-OCT-02, GAO-03-31).				 
                                                                 
The ability to produce the data needed to efficiently and	 
effectively manage the day-to-day operations of the federal	 
government and provide accountability to taxpayers has been a	 
long-standing challenge at most federal agencies. To help address
this challenge, the Federal Financial Management Improvement Act 
of 1996 (FFMIA) requires the 24 Chief Financial Officers Act	 
agencies to implement and maintain financial management systems  
that comply substantially with (1) federal system requirements,  
(2) federal accounting standards, and (3) the U.S. Government	 
Standard General Ledger (SGL). FFMIA also requires GAO to report 
annually on the implementation of the act.			 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-03-31						        
    ACCNO:   A05219						        
  TITLE:     Financial Management: FFMIA Implementation Necessary to  
Achieve Accountability						 
     DATE:   10/01/2002 
  SUBJECT:   Financial management				 
	     Financial management systems			 
	     Reporting requirements				 
	     Federal agencies					 
	     Performance measures				 
	     Accountability					 
	     Noncompliance					 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-03-31

a

GAO United States General Accounting Office

Report to Congressional Committees

October 2002 FINANCIAL MANAGEMENT FFMIA Implementation Necessary to
Achieve Accountability

GAO- 03- 31

Why GAO Did This Study

The ability to produce the data needed to efficiently and effectively
manage the day- to- day operations of the federal government and provide
accountability to taxpayers has been a long- standing challenge at most
federal agencies. To help address this challenge, the Federal Financial
Management Improvement Act of 1996 (FFMIA) requires the 24 Chief Financial
Officers Act agencies to implement and maintain financial management
systems that comply substantially with (1) federal systems requirements,
(2) federal accounting standards, and (3) the U. S. Government Standard
General Ledger (SGL). FFMIA also requires GAO to report annually on the
implementation of the act.

October 2002 FINANCIAL MANAGEMENT FFMIA Implementation Necessary to
Achieve Accountability

The full report, including GAO's objectives, scope, methodology, and
analysis is available at www. gao. gov/ cgi- bin/ getrpt? GAO- 03- 31. For
additional information about the report, contact Sally Thompson (202- 512-
9450 or by e- mail at thompsons@ gao. gov).

Highlights of GAO- 03- 31 report to Congressional Committees

What GAO Recommends

GAO reaffirms its prior recommendations that OMB revise its FFMIA audit
testing and reporting guidance including recommendations to

(1) provide a statement of positive assurance when reporting an agency*s
systems to be in substantial compliance with FFMIA, and (2) emphasize the
significance

of agencies* ability to provide cost management information for measuring
the results of program performance. OMB agreed to reconsider revising its
audit guidance once its overall federal financial management policy is
finalized.

United States General Accounting Office

What GAO Found

Since enactment of FFMIA in 1996, agencies have generally continued to
make progress to achieve compliance with the act. At the same time, most
agencies* systems continue to have shortcomings. As shown in the chart
below, audit reports highlight 6 recurring problems that were consistently
reported at 20 agencies whose auditors concluded that systems were not in
compliance with one or more FFMIA requirements.

Problems Reported by Auditors for Fiscal Years 2000 and 2001

Following OMB*s reporting guidance, auditors for the remaining four
agencies provided negative assurance on compliance, meaning that nothing
came to their attention indicating that these agencies* financial
management systems did not meet FFMIA requirements. GAO does not believe
that this type of reporting is sufficient. FFMIA requires the auditor to
state *whether* the agency systems are in substantial compliance, which in
our view, requires the auditor to perform sufficient audit tests to be
able to provide positive assurance.

Agencies have recognized the seriousness of their financial system
problems, and many initiatives are planned or underway to overhaul
financial management systems, including efforts to develop cost management
information which is key to measuring program performance. Increasing
attention from the highest levels of the federal government is being
targeted on improving financial management. The

President*s Management Agenda Fiscal Year 2002 included improved financial
performance as one of the five top governmentwide management goals. The
administration is aggressively pursuing strategies to reform federal
business practices, and has underscored the need for financial management
systems modernization. G A O Accountability Integrity Reliability

Highlights

Page i GAO- 03- 31 FFMIA FY 2001 Results

Contents Letter 1

Results In Brief 2 Background 6 Scope and Methodology 13 Continued System
Weaknesses Impair Financial Management Accountability 15

Crosscutting Reasons for Noncompliance Indicate Serious Problems Remain 17
Auditors Provided Negative Assurance as to Substantial

Compliance 28 Remediation Plans Have Improved 31 Agency Efforts to
Implement New Financial Systems 36 Managerial Cost Information Is Critical
for Implementing the

President*s Management Agenda 40 Increasing Emphasis On Improving
Financial Management from the Highest Levels of Government 43

Conclusions 47 Agency Comments And Our Evaluation 49

Appendixes

Appendix I: Publications in the Federal Financial Management Systems
Requirements Series 51

Appendix II: Statements of Federal Financial Accounting Concepts,
Standards, and Interpretations 52

Appendix III: AAPC Technical Releases 54

Appendix IV: Checklists for Reviewing Systems Under the Federal Financial
Management Improvement Act 55

Appendix V: Comments From the Office of Management and Budget 56

Appendix VI: GAO Contacts and Staff Acknowledgments 57 GAO Contacts 57
Acknowledgments 57

Figures Figure 1: Problems Reported by Auditors for Fiscal Years 2000 and
2001 3 Figure 2: Framework for Providing Accountability and Good

Management Information 8 Figure 3: Agency Systems Architecture 9 Figure 4:
Auditors* FFMIA Determinations for Fiscal Year 2001 16

Contents

Page ii GAO- 03- 31 FFMIA FY 2001 Results

Figure 5: Problems Reported by Auditors for Fiscal Years 2000 and 2001 18
Figure 6: Results of Review of Fiscal Year 2000 Remediation

Plans 33

Abbreviations

AAPC Accounting and Auditing Policy Committee AID Agency for International
Development ARB Activity- Based Budgeting ABC Activity- Based Costing BLM
Bureau of Land Management CFO Chief Financial Officer CIO Chief
Information Officer COTS Commercial Off- the- Shelf DOD Department of
Defense DOT Department of Transportation EPA Environmental Protection
Agency FAA Federal Aviation Administration FAM Financial Audit Manual
FASAB Federal Accounting Standards Advisory Board FEMA Federal Emergency
Management Agency FFMIA Federal Financial Management Improvement Act FFMSR
Federal Financial Management Systems Requirements FHA Federal Housing
Administration FIA Federal Managers* Financial Integrity Act FMS Financial
Management Service GAO General Accounting Office GISRA Government
Information Security Reform Act GMRA Government Management Reform Act GPRA
Government Performance and Results Act GSA General Services Administration
HHS Health and Human Services HUD Housing and Urban Development HUDCAPS
Housing and Urban Development*s Central Accounting and Program System

IFMS Integrated Financial Management System IG Inspector General IRS
Internal Revenue Service IT Information Technology JFMIP Joint Financial
Management Improvement Program

Contents

Page iii GAO- 03- 31 FFMIA FY 2001 Results

MIT Management Improvement Team NASA National Aeronautics and Space
Administration NRC National Regulatory Commission NSF National Science
Foundation OCFO Office of the Chief Financial Officer OMB Office of
Management and Budget OPM Office of Personnel Management PCIE President*s
Council on Integrity and Efficiency SBA Small Business Administration
SFFAC Statements of Federal Financial Accounting Concepts SFFAS Statements
of Federal Financial Accounting Standards SGL Standard General Ledger SSA
Social Security Administration USDA United States Department of
Agriculture

Page 1 GAO- 03- 31 FFMIA FY 2001 Results United States General Accounting
Office

Washington, D. C. 20548 Page 1 GAO- 03- 31 FFMIA FY 2001 Results

A

October 1, 2002 Lett er

The Honorable Joseph I. Lieberman Chairman The Honorable Fred Thompson
Ranking Minority Member Committee on Governmental Affairs United States
Senate

The Honorable Dan Burton Chairman The Honorable Henry A. Waxman Ranking
Minority Member Committee on Government Reform House of Representatives

The ability to produce the data needed to efficiently and effectively
manage the day- to- day operations of the federal government and provide
accountability to taxpayers and the Congress has been a long- standing
challenge at most federal agencies. To address this challenge, the Chief
Financial Officers (CFO) Act of 1990 1 calls for the modernization of
financial management systems, so that the systematic measurement of
performance, the development of cost information, and the integration of

program, budget, and financial information for management reporting can be
achieved. The Federal Financial Management Improvement Act of 1996 (FFMIA)
2 builds on the foundation laid by the CFO Act by emphasizing the need for

agencies to have systems that can generate reliable, useful, and timely
information with which to make fully informed decisions and to ensure
accountability on an ongoing basis. FFMIA requires the 24 major
departments and agencies covered by the CFO Act to implement and

maintain financial management systems that comply substantially with (1)
federal financial management systems requirements, (2) applicable federal
1 Pub. L. No. 101- 576, 104 Stat. 2838 (1990). 2 Title VIII of Public Law
104- 208 is entitled the Federal Financial Management Improvement Act of
1996.

Page 2 GAO- 03- 31 FFMIA FY 2001 Results

accounting standards, 3 and (3) the U. S. Government Standard General
Ledger (SGL) 4 at the transaction level. FFMIA also requires auditors to
report in their CFO Act financial statement audit reports whether the
agencies* financial management systems substantially comply with FFMIA*s
systems requirements. We are required to report annually on the
implementation of the act. This, our sixth annual report, discusses (1)
auditors* FFMIA determinations and widespread systems problems that affect
agency systems* compliance with FFMIA, (2) issues related to auditors
providing negative assurance as to substantial compliance with the act,
(3) agency plans to bring their systems into compliance, (4) agency

efforts to implement new financial management systems and the increasing
importance of managerial cost information, and (5) the impact of the
President*s Management Agenda and the Joint Financial Management

Improvement Program (JFMIP) Principals 5 on improving federal financial
management.

Results In Brief Federal agencies are making progress to address financial
management systems weaknesses. At the same time, the results of the fiscal
year 2001

FFMIA assessments performed by the 24 CFO Act agency inspectors general
(IG) or their contract auditors show that most agencies* financial
management systems continue to have shortcomings. While much more severe
at some agencies than others, the nature and seriousness of the problems
indicate that, generally, agency management does not yet have the full
range of information needed for accountability, performance reporting, and
decision making. Auditors for 20 of the 24 CFO Act agencies reported that
their agencies* financial management systems did not comply substantially
with certain FFMIA requirements. Auditors reported the same six types of
problems in

their fiscal year 2000 audit reports, as highlighted in figure 1. 3 The
American Institute of Certified Public Accountants recognizes the federal
accounting standards promulgated by the Federal Accounting Standards
Advisory Board (FASAB) as generally accepted accounting principles (GAAP).
4 The SGL provides a standard chart of accounts and standardized
transactions that agencies are to use in all their financial systems. 5
The JFMIP Principals are the Secretary of the Treasury, the Directors of
OMB and the Office of Personnel Management (OPM), and the Comptroller
General of the United States.

Page 3 GAO- 03- 31 FFMIA FY 2001 Results

Figure 1: Problems Reported by Auditors for Fiscal Years 2000 and 2001

Source: GAO analysis of agency audit reports for fiscal years 2000 and
2001. We did not independently verify or test the data in the agency audit
reports.

As a result of these problems, most agencies* financial management systems
are not yet able to routinely produce reliable, useful, and timely
financial information. For example, agency financial management systems
are required to produce information on the full cost of programs and
projects. Currently, some agencies are only able to provide cost
accounting information at the end of the year through periodic cost
surveys. Agencies are experimenting with methods of accumulating and
assigning costs to obtain the managerial cost information needed to
enhance programs,

improve processes, establish fees, develop budgets, prepare financial
reports, and report on performance. Auditors for the remaining four
agencies* the Departments of Energy and Labor, the General Services
Administration (GSA), and the Social Security Administration (SSA)*
provided negative assurance in reporting on FFMIA compliance for fiscal
year 2001, meaning that while they do not opine as to

13 16

14 8

12 19

14 13

12 8

14 20

Nonintegrated financial management systems

Inadequatereconciliation procedures Lack of accurate and timely

reporting Noncompliance

with the SGL Lack of

adherence to federal

accounting standards Weak

security over information

systems Agencies

Fiscal year 2000 Fiscal year 2001 0

4 8

12 16

20

Page 4 GAO- 03- 31 FFMIA FY 2001 Results

FFMIA compliance, nothing came to their attention during the course of
their planned procedures indicating that these agencies* financial
management systems did not meet FFMIA requirements. If readers do not
understand the concept of negative assurance, which is the type of
reporting specified in the Office of Management and Budget*s (OMB)

auditing guidance, they may have gained an incorrect impression that these
systems have been fully tested by the auditors and found to be
substantially compliant. Because the act requires auditors to *report
whether* agency systems are substantially compliant, the auditor needs to
provide positive

assurance, which would be a definitive statement as to whether agency
financial management systems substantially comply with FFMIA. To provide
positive assurance, more testing is necessary than that performed

for the purposes of rendering an opinion on the financial statements. In
this regard, OMB has not acted on our prior recommendations, but instead
focused on new initiatives to promote improvements in agency financial
management systems.

To address identified problems, FFMIA requires agencies to prepare
remediation plans describing the actions they took or plan to take to
overcome financial management systems problems and bring them into

FFMIA compliance. At the time of our review, the most current remediation
plans covered problems reported in fiscal year 2000 audit reports. Of the
19 agencies 6 whose systems were reported as not in substantial compliance
during fiscal year 2000, 15 prepared remediation plans. Our review of
these 15 remediation plans showed that, overall, the plans had improved

somewhat over the fiscal year 1999 plans, although some plans still lacked
fundamental elements such as staffing and funding resources required to
complete the proposed corrective actions. A lack of substance in the
plans,

including associating resources to detailed corrective actions, can limit
the likelihood of success in adequately implementing the corrective
actions. To help address our prior recommendations related to inadequate
remediation plans, OMB has implemented a multidisciplinary approach to
provide additional expertise to the review and oversight to agencies*
plans.

Across government, agencies have many efforts underway to implement or
upgrade financial systems to alleviate long- standing problems in
financial management. A number of these agencies are in the implementation
phases 6 Agency management for two of the remaining four agencies did not
prepare remediation plans because they determined that their systems did
substantially comply with FFMIA. The other two agencies did not prepare
remediation plans for fiscal year 2000 for other reasons.

Page 5 GAO- 03- 31 FFMIA FY 2001 Results

of these projects, and other agencies are in the planning and design
phases. Many of these new financial systems are commercial- off- the-
shelf (COTS) packages sold by vendors whose software has been certified 7
by the JFMIP. However, JFMIP*s certification that a vendor*s software
meets many of the core financial management system requirements is just
one of the conditions that must be met before substantial compliance with
FFMIA can be achieved. Increasing attention from the highest levels of the
federal government is being targeted on improving federal financial
management. The President*s

Management Agenda Fiscal Year 2002 included improved financial performance
as one of the five top governmentwide management goals. The administration
is using what it refers to as the Executive Branch Management Scorecard to
highlight agency progress in achieving the management and performance
improvements embodied in the President*s Management Agenda. The JFMIP
Principals have also actively developed short- and long- term strategies
and plans necessary to address many of the financial management problems
across government. For example, the Principals have agreed to criteria for
measuring financial management success, accelerating financial statement
reporting, and restructuring the Federal Accounting Standards Advisory
Board (FASAB). The attention of these top leaders along with OMB*s
continued aggressive pursuit of strategies to reform current federal
business practices have underscored the need for financial management
systems modernization and are

essential to achieving federal financial management reform. We reaffirm
several prior recommendations aimed at enhancing audit guidance and
improving remediation plans. In commenting on a draft of this report, OMB
generally agreed with our overall observations and conclusions that while
many agencies are continuing to make progress, some agencies still have
shortcomings in their financial management systems. Regarding our
recommendation for OMB to change its audit guidance to require a statement
of positive assurance on compliance with FFMIA, OMB stated that it is
currently updating its financial management policy guidance and that once
the update is completed, new performance

and results- based criteria will be used in future FFMIA assessments. OMB
also stated that once its overall financial management policy is
finalized, it 7 Under the auspices of OMB Circular A- 127, JFMIP tests
vendor COTS packages and certifies that they meet certain financial
management system requirements for core financial systems.

Page 6 GAO- 03- 31 FFMIA FY 2001 Results

will reconsider revising its audit guidance to address our recommendation.
With regard to the lack of resource information in agency remediation
plans, OMB agreed that stand- alone remediation plans do not necessarily
contain resource information. However, OMB officials pointed out that
remediation plan information, such as estimates of resources, is included
in agency financial management plans, which are part of agency budget
submissions. We did not have the agency budget submissions and therefore

we could not determine whether the required resource information, not
included in the stand- alone plans, was included in the budget submission
information. Our detailed evaluation of OMB*s comments can be found at the
end of this letter.

Background FFMIA and other financial management reform legislation have
emphasized the importance of improving financial management across the

federal government. The primary purpose of FFMIA is to ensure that agency
financial management systems routinely generate timely, accurate, and
useful information. With such information, government leaders will be
better positioned to invest resources, reduce costs, oversee programs, and
hold agency managers accountable for the way they run government programs.
Financial management systems* compliance with federal financial management
systems requirements, applicable accounting

standards, and the SGL are building blocks to help achieve these goals.
Management Reform Legislation

FFMIA is part of a series of management reform legislation passed by the
Congress over the past 2 decades. This series of legislation started with
31 U. S. C. 3512 (c),( d), (the Federal Managers* Financial Integrity Act
of 1982 (FIA)), which the Congress passed to strengthen internal controls
and

accounting systems throughout the federal government, among other
purposes. Issued pursuant to FIA, the Comptroller General*s Standards for
Internal Control in the Federal Government 8 provides the standards that
are directed at helping agency managers implement effective internal
control, an integral part of improving financial management systems.
Internal control is a major part of managing an organization and comprises
the plans, methods, and procedures used to meet missions, goals, and
objectives. In summary, internal control, which under OMB*s guidance for 8
U. S. General Accounting Office, Standards for Internal Control in the
Federal

Government, GAO/ AIMD- 00- 21. 3 (Washington, D. C.: November 1999).

Page 7 GAO- 03- 31 FFMIA FY 2001 Results

FIA is synonymous with management control, helps government program
managers achieve desired results through effective stewardship of public
resources. Effective internal control also helps in managing change to
cope with shifting environments and evolving demands and priorities. As
programs change and agencies strive to improve operational processes and
implement new technological developments, management must continually
assess and evaluate its internal control to ensure that the control
activities being used are effective and updated when necessary. While
agencies had achieved some success in identifying and correcting material
internal control and accounting system weaknesses, their efforts to
implement the FIA had not produced the results intended by the Congress.

Therefore, in the 1990s, the Congress passed additional management reform
legislation to improve the general and financial management of the federal
government. As shown in figure 2, the combinations of reforms ushered in
by the (1) CFO Act, (2) Government Management Reform Act (GMRA) of 1994,
(3) FFMIA, (4) Government Performance and Results Act

of 1993 (GPRA), and (5) Clinger- Cohen Act of 1996, if successfully
implemented, provides a basis for improving accountability of government
programs and operations as well as routinely producing valuable cost and
operating performance information, thereby making it possible to better
assess and improve the government*s effectiveness, financial condition,
and operating performance.

Page 8 GAO- 03- 31 FFMIA FY 2001 Results

Figure 2: Framework for Providing Accountability and Good Management
Information Source: GAO.

Financial Management Systems Requirements

The policies and standards prescribed for executive agencies to follow in
developing, operating, evaluating, and reporting on financial management
systems are defined in OMB Circular A- 127, Financial Management Systems.
Circular A- 127 references the series of publications entitled Federal
Financial Management Systems Requirements (FFMSR), issued by JFMIP as the
primary source of governmentwide requirements for financial management
systems. JFMIP systems requirements, among other things,

provide a framework for establishing integrated financial management
systems to support program and financial managers. JFMIP*s Framework for
Federal Financial Systems, issued in 1995,

identified multiple components of a financial management system. The
components of an integrated financial management system include the core
financial system, managerial cost accounting system, and numerous
programmatic and administrative systems. Figure 3 is the JFMIP model that
illustrates how these systems interrelate in an agency*s overall systems

architecture.

Management Reform Legislation

CFO Act Clinger- Cohen

GMRA FFMIA

GPRA

Accountability and good management information Provides

impetus for

Strong financial management that provides reliable, timely,

and useful information for decision makers Yield Fully integrated
financial

management systems Reliable, timely financial statements

Effective internal control FIA

Page 9 GAO- 03- 31 FFMIA FY 2001 Results

Figure 3: Agency Systems Architecture

Source: JFMIP.

When FFMIA was enacted in 1996, JFMIP had issued requirement documents for
the core financial system and six subsidiary systems. However, several of
these documents needed updating to recognize

recently enacted laws and regulatory revisions. Since 1998, JFMIP has been
engaged in an intensive effort to update its system requirements
documents. In November 2001, JFMIP updated its Core Financial System
Requirements, previously issued in 1999. These requirements were

clarified in some areas; new requirements were added to capture full cost
and revenue to unique cost objects along with enhancing daily internal
reports requirements. The updated requirements document is the basis of
the redevelopment of the JFMIP core software qualification test. JFMIP is
currently partnering with the CFO and Chief Information Officer (CIO)
Councils to update its Framework for Federal Financial Management Systems.
JFMIP also has a project underway to update the Inventory System
Requirements document. Appendix I lists the current publications

in the FFMSR series and their issue dates.

Page 10 GAO- 03- 31 FFMIA FY 2001 Results

JFMIP helps ensure that financial management system requirements and the
vendor software remain aligned by testing vendor COTS packages for core
financial systems and certifying that these packages meet certain core
financial management system requirements. OMB policy requires that
agencies acquiring core financial management systems use software that has
been certified by JFMIP. Under the JFMIP testing process, software

products are certified for 3 years and must then be retested by JFMIP.
Other factors that affect FFMIA compliance include how the software
package works in the agency*s environment, whether any customization is
made to the software, the success of converting data from legacy systems
to new systems, and the quality of transaction data in the feeder systems.
Federal Accounting Standards

FASAB 9 promulgates federal accounting standards that agency CFOs use in
developing financial management systems and preparing financial
statements. FASAB develops the appropriate accounting standards after
considering the financial and budgetary information needs of the Congress,
executive agencies, and other users of federal financial information and
comments from the public. FASAB forwards the standards to the three
Principals* the Comptroller General, the Secretary of the Treasury, and
the Director of OMB* for a 90- day review. If there are no objections
during the review period, the standards are considered final and FASAB
publishes them on its Web site and in print.

The American Institute of Certified Public Accountants has recognized the
federal accounting standards promulgated by FASAB as being generally
accepted accounting principles for the federal government. This
recognition enhances the acceptability of the standards, which form the
foundation for preparing consistent and meaningful financial statements
both for individual agencies and the government as a whole.

Currently, there are 22 statements of federal financial accounting
standards (SFFAS) and 3 statements of federal financial accounting
concepts 9 In October 1990, the Secretary of the Treasury, the Director of
OMB, and the Comptroller General established FASAB to develop a set of
generally accepted accounting standards for the federal government.
Effective July 1, 2002, FASAB is comprised of six nonfederal or public
members and representatives of the three Principals.

Page 11 GAO- 03- 31 FFMIA FY 2001 Results

(SFFAC). 10 The concepts and standards are the basis for OMB*s guidance to
agencies on the form and content of their financial statements and for the
government*s consolidated financial statements. Appendix II lists the
concepts, standards, and interpretations 11 along with their respective
effective dates.

FASAB*s Accounting and Auditing Policy Committee (AAPC) 12 assists in
resolving issues related to the implementation of accounting standards.
AAPC*s efforts result in guidance for preparers and auditors of federal
financial statements in connection with implementation of accounting
standards and the reporting and auditing requirements contained in OMB*s

Form and Content of Agency*s Financial Statements Bulletin and Audit
Requirements for Federal Financial Statements Bulletin. To dat e, AAPC has
released five technical releases, which are listed in appendix III along
with their release dates. Standard General Ledger The SGL was established
by an interagency task force under the direction

of OMB and mandated for use by agencies in OMB and Treasury regulations in
1986. The SGL promotes consistency in financial transaction processing and
reporting by providing a uniform chart of accounts and pro forma
transactions used to standardize federal agencies* financial information
accumulation and processing throughout the year, enhance financial
control, and support budget and external reporting, including financial

statement preparation. The SGL is intended to improve data stewardship
throughout the government, enabling consistent reporting at all levels
within the agencies and providing comparable data and financial analysis
at the governmentwide level. 13 10 Accounting standards are authoritative
statements of how particular types of transactions and other events should
be reflected in financial statements. SFFACs explain the objectives and
ideas upon which FASAB develops the standards.

11 An interpretation is a document of narrow scope that provides
clarifications of original meaning, additional definitions, or other
guidance pertaining to an existing federal accounting standard. 12 In
1997, FASAB, in conjunction with OMB, Department of the Treasury
(Treasury), GAO, the CFO Council, and the President*s Council on Integrity
and Efficiency, established AAPC to assist the federal government in
improving financial reporting.

13 SGL guidance is published in the Treasury Financial Manual. Treasury*s
Financial Management Service is responsible for maintaining the SGL and
answering agency inquiries.

Page 12 GAO- 03- 31 FFMIA FY 2001 Results

Remediation Plans FFMIA requires an agency head to determine, based on a
review of the auditor*s report on the agency*s financial statements and
any other relevant information, whether the agency*s financial management
systems

substantially comply with the act. The agency head is required to make
this determination no later than 120 days after (1) the receipt of the
auditor*s report or (2) the last day of the fiscal year following the year
covered by the audit, whichever comes first. If the agency head disagrees
with the auditor*s determination that the systems do not substantially
comply, the Director of OMB is to review the agency head*s determination
and report to the appropriate committees of the Congress. If the agency
head agrees that the systems do not substantially comply, FFMIA requires
that the agency head, in consultation with the Director of OMB, establish
a remediation

plan to bring the systems into substantial compliance with FFMIA*s
requirements.

According to FFMIA, the remediation plans should include the corrective
actions, intermediate target dates, and resources necessary to bring
financial systems into substantial compliance with FFMIA*s requirements
within 3 years of the date the agency head*s noncompliance determination

is made. 14 If, with concurrence of the Director of OMB, the agency head
determines that substantial compliance cannot be attained within 3 years,
the remediation plan must specify the most feasible date by which the
agency*s systems will achieve compliance and designate an official
responsible for effecting the necessary corrective actions. In accordance
with the revisions to OMB guidance contained in Circular A11,

Preparation, Submission, and Execution of the Budget, issued June 27,
2002, agencies are required to include their remediation plans in their
annual budget submissions due to OMB by September 9, 2002. The guidance
requires that the plans include corrective actions, resources

needed, and interim target dates to bring the financial management systems
into substantial compliance within 3 years of the date of the agencies*
determination that their systems are not in substantial compliance. The
plan must also list the officials responsible for bringing

14 Fiscal year 2000 remediation plans, addressing instances of
noncompliance with FFMIA identified in financial statement audits reports
covering fiscal year 2000, were due to OMB by September 10, 2001.
Remediation plans addressing instances of noncompliance identified in the
fiscal year 2001 financial statement audit reports were not due to OMB
until September 9, 2002. Therefore, in reviewing remediation plans, we
reviewed the fiscal year 2000 plans.

Page 13 GAO- 03- 31 FFMIA FY 2001 Results

the systems into substantial compliance with FFMIA. Agency remediation
plans are included in agency budget submissions and subject to change. OMB
considers these budget submissions predecisional and therefore not public
documents.

OMB Guidance Related to FFMIA

OMB sets governmentwide financial management policies and requirements and
currently has two sources of guidance related to FFMIA. First, OMB
Bulletin No. 01- 02, Audit Requirements for Federal Financial Statements,
dated October 16, 2000, prescribes specific language auditors should use
when reporting on an agency system*s substantial compliance with FFMIA.
Specifically, this guidance calls for auditors to provide negative
assurance when reporting on an agency system*s FFMIA compliance. Second,
in a January 4, 2001, Memorandum, Revised

Implementation Guidance for the Federal Financial Management Improvement
Act, OMB provided guidance for agencies and auditors to use in assessing
substantial compliance. The guidance describes the factors that should be
considered in determining whether an agency*s systems are in compliance
with FFMIA

and provides guidance to agency heads to assist in developing corrective
action plans for bringing their systems into compliance with FFMIA. There
are examples included in the guidance on the types of indicators that
should be used as a basis in assessing whether an agency*s systems are in
substantial compliance with FFMIA. Scope and Methodology

We reviewed fiscal year 2001 financial statement audit reports for the 24
CFO Act agencies to determine (1) which agencies had systems that their
auditors found to be noncompliant with FFMIA requirements, (2) the

reasons why the systems were found to be noncompliant, and (3) the type of
assurance the auditors provided. We did not independently verify or test
the data in the agency audit reports. Using structured interviews, we

interviewed auditors and agency management for 7 CFO Act agencies 15 to
obtain their perspectives on FFMIA implementation. These 7 agencies
included 4 in which the auditors provided negative assurance in reporting
15 The seven agencies selected were the Departments of Energy and Labor,
the General Services Administration (GSA), the National Aeronautics and
Space Administration (NASA), the National Science Foundation (NSF), the
Small Business Administration, and the Social Security Administration.

Page 14 GAO- 03- 31 FFMIA FY 2001 Results

on FFMIA compliance for fiscal year 2001. We also interviewed officials at
3 other agencies in which the auditors provided negative assurance for
fiscal year 2000 but reported the agencies* systems to be in noncompliance
for fiscal year 2001. For these 7 agencies, we also reviewed the auditors*
FFMIA workpapers to assess the nature and extent of FFMIA testing. We also
reviewed the auditors* reports and contacted respective agencies, as
needed, to identify agency management FFMIA determinations for the 24 CFO
Act agencies.

We reviewed the guidance for preparing remediation plans for fiscal year
2000 contained in the revisions to OMB Circular A- 11, Preparation,
Submission, and Execution of the Budget. We reviewed agencies* fiscal year
2000 remediation plans 16 to determine if they contained the required

elements and if the proposed corrective actions addressed were adequately
detailed if implemented satisfactorily, to resolve the reported instances
of noncompliance with FFMIA. We compared the fiscal year 2000 plans to the
remediation plans submitted for fiscal year 1999 to determine if any of
the plans had improved. Because agency remediation plans are included in
agency budget submissions, OMB considers the plans predecisional and
therefore not public documents. We did not have the agencies* complete
budget submissions to determine whether they provided more details than
were available in the stand- alone agency remediation plans.

We conducted our work from January through August 2002 at the CFO Act
agencies, OMB, and JFMIP in the Washington, D. C., area in accordance with
generally accepted government auditing standards. We requested comments on
a draft of this report from the Director of OMB or his designee. These
comments are discussed in the *Agency Comments and Our Evaluation* section
and reprinted in appendix V. We also requested

oral comments from selected agency and IG officials whose financial
management systems or audit procedures are specifically discussed in the
report. We received oral comments from 4 agency and 3 IG officials of an
editorial and technical nature. Specifically, we received oral comments
from the Departments of Agriculture (Agriculture) and Commerce, Office of
Personnel Management, and SSA agency officials, and from Agriculture,

Department of the Interior (Interior), and Nuclear Regulatory Commission
16 The fiscal year 2000 remediation plans were the most recently available
documents since the plans for responding to issues identified for fiscal
year 2001 were not due to OMB until September 9, 2002.

Page 15 GAO- 03- 31 FFMIA FY 2001 Results

(NRC) IG officials. These comments have been incorporated as appropriate.

Continued System Weaknesses Impair Financial Management Accountability

Many agencies still do not have reliable, useful, and timely financial
information, including cost data, with which to make informed decisions
and help ensure accountability on an ongoing basis. While agencies are
undeniably making progress in addressing their financial management
systems weaknesses, most agency systems are still not substantially in
compliance with FFMIA*s requirements. IGs and their contract auditors
reported for fiscal year 2001 that the systems of 20 of the 24 CFO Act
agencies did not substantially comply with at least one of FFMIA*s three
requirements* federal financial management systems requirements,
applicable federal accounting standards, or the SGL. For fiscal year 2001,
7 agencies were reported not to be in substantial compliance with all
three FFMIA requirements. Figure 4 summarizes the auditors* determinations
regarding how many of the 24 CFO Act agencies were reported as not in
substantial compliance with each of the three FFMIA requirements.

Page 16 GAO- 03- 31 FFMIA FY 2001 Results

Figure 4: Auditors* FFMIA Determinations for Fiscal Year 2001

Note: Management for 22 of the 24 agencies agreed with their auditors'
FFMIA determinations. Management for 2 agencies-- the Environmental
Protection Agency (EPA) and the National Science Foundation (NSF)-- did
not agree with their auditors' determinations. EPA management disagreed
with the IG's determination that EPA was noncompliant with SFFAS No. 4
because EPA did not comply with the requirements to provide cost per
output to management in a timely fashion. NSF management disagreed with
its auditors that several weaknesses in its agency security over
information systems rendered NSF noncompliant with OMB Circular A- 130,
and therefore FFMIA. Source: GAO analysis of agency audit reports. We did
not independently verify or test the data in the agency audit reports.
While more CFO Act agencies have obtained clean or unqualified audit

opinions on their financial statements, there is little evidence of marked
improvements in agencies* capacities to create the full range of
information needed to manage day- to- day operations. The number of
unqualified opinions has been increasing over the past 5 years, from 11 in
fiscal year 1997 to 18 for fiscal years 2000 and 2001. This increase in
unqualified audit

opinions generally results from monumental efforts in which agencies
expend significant resources simply to prepare auditable financial
statements. While the increase in unqualified opinions is noteworthy, the
number of agencies for which auditors provided negative assurance of FFMIA
compliance has remained relatively constant throughout this same period.
When more agencies receive clean opinions, expectations are System

requirements Accounting

standards SGL Agencies not in compliance

0 5

10 15

20 19 14

8

Page 17 GAO- 03- 31 FFMIA FY 2001 Results

raised that the government has sound financial management and can produce
reliable, useful, and timely information on demand throughout the year,
whereas FFMIA assessments offer a different perspective. Crosscutting
Reasons

for Noncompliance Indicate Serious Problems Remain Based on our review of
the fiscal year 2001 audit reports for the 20 agencies reported to have
systems not in substantial compliance with one or more of FFMIA*s three
requirements, we identified six primary reasons related to FFMIA
noncompliance. The weaknesses reported by the auditors, which

are grouped into the following categories, ranged from serious, pervasive
systems problems to less serious problems that may affect one aspect of an
agency*s accounting operation:

 nonintegrated financial management systems,

 inadequate reconciliation procedures,

 lack of accurate and timely recording of financial information,

 noncompliance with the SGL,

 lack of adherence to federal accounting standards, and

 weak security controls over information systems. Figure 5 shows the
relative frequency of these problems at the 20 agencies reported to have
noncompliant systems and the problems relevant to FFMIA that were reported
by their auditors. The same six types of problems were cited by auditors
in their fiscal year 2000 audit reports, as highlighted in figure 5.
However, the auditors may not have reported these problems as specific
reasons for lack of substantial compliance with FFMIA. We caution that the
degree of noncompliance in a particular category may be even greater
because auditors reporting FFMIA

noncompliance may not have included all problems in their reports. As we
discuss later, the FFMIA testing may not be comprehensive and other
problems may exist that were not identified and reported. For some
agencies, the problems are so serious and well known that the auditor can
readily determine that the systems lack substantial compliance without
examining every facet of FFMIA compliance.

Page 18 GAO- 03- 31 FFMIA FY 2001 Results

Figure 5: Problems Reported by Auditors for Fiscal Years 2000 and 2001

Source: GAO analysis of agency audit reports for fiscal year 2001. We did
not independently verify or test the data in the agency audit reports.

Nonintegrated financial management systems

The CFO Act calls for agencies to develop and maintain an integrated
accounting and financial management system 17 that complies with federal
systems requirements and provides for (1) complete, reliable, consistent,

and timely information that is responsive to the financial information
needs of the agency and facilitates the systematic measurement of
performance, (2) the development and reporting of cost information, and
(3) the integration of accounting, budgeting, and program information. In
this 13

16 14

8 12

19 14

13 12

8 14

20

Nonintegrated financial management systems

Inadequatereconciliation procedures Lack of

accurate and timely reporting

Noncompliance with the SGL

Lack of adherence to federal accounting standards

Weak security over

information systems Agencies

Fiscal year 2000 Fiscal year 2001 0

4 8

12 16

20

17 Federal financial system requirements define an integrated financial
system as one that coordinates a number of previously unconnected
functions to improve overall efficiency and control. Characteristics of
such a system include (1) standard data classifications for recording
financial events, (2) common processes for processing similar
transactions, (3) consistent control over data entry, transaction
processing, and reporting, and (4) a system design that eliminates
unnecessary duplication of transaction entry.

Page 19 GAO- 03- 31 FFMIA FY 2001 Results

regard, OMB Circular A- 127, Financial Management Systems, requires
agencies to establish and maintain a single integrated financial
management system that conforms with functional requirements published by
JFMIP.

An integrated financial system coordinates a number of functions to
improve overall efficiency and control. For example, integrated financial
management systems are designed to avoid unnecessary duplication of
transaction entry and greatly lessen reconciliation issues. With
integrated systems, transactions are entered only once and are available
for multiple purposes or functions. Moreover, with an integrated financial
management system, an agency is more likely to have reliable, useful, and
timely financial information for day- to- day decision making as well as
external reporting.

Agencies that do not have integrated financial management systems
typically must expend major effort and resources, including in some cases
hiring external consultants, to develop information that their systems
should be able to provide on a daily or recurring basis. In addition,
opportunities for errors are increased when agencies* systems are not
integrated. Agencies with nonintegrated financial systems are more likely
to be required to devote more resources to collecting information than
those with integrated systems. OMB*s accelerated reporting dates for

agency performance and accountability reports 18 may make such efforts and
devotion of resources unsustainable in the long term. As a result, many
agencies must accelerate their efforts to improve underlying financial
management systems and controls, which is consistent with reaching the

financial management success measures envisioned by the President*s
Management Agenda and the JFMIP Principals.

Auditors frequently mentioned the lack of modern, integrated financial
management systems in their fiscal year 2001 audit reports. As shown in
figure 5, auditors for 14 of the 20 agencies with noncompliant systems
reported this as a problem. For example, the Department of Education*s
(Education) lack of a fully integrated financial management system
seriously affected its ability to accumulate, analyze, and present
reliable financial information. According to its auditors, Education
compiled its fiscal year 2001 financial statements through a multistep
process that 18 Agency performance and accountability reports include the
audit report and the audited financial statements.

Page 20 GAO- 03- 31 FFMIA FY 2001 Results

includes both manual and automated procedures, which increases the risk of
errors in the departmentwide financial statements. These manual processes
can lead to errors that may affect current and prior fiscal years. For
example, Education recorded numerous restatements and reclassifications of
prior fiscal year financial statement balances based on its extensive
analysis of certain general ledger balances in an effort to resolve errors
that existed in past years. While the auditors noted that some

of the entries to correct or reclassify amounts resulted from Education*s
extensive analysis, the identification of these errors reinforces concerns
about Education*s lack of an integrated financial management system.
According to the auditors, Education processed and approved adjustments to
correct or reclassify amounts that were later discovered to be erroneous.

As a result, additional manual adjustments were needed to correct these
new errors, which cast doubt on the sufficiency of the process for
reviewing and approving adjustments. To focus attention on long- standing
financial management issues, the Secretary of Education created a
Management Improvement Team (MIT). The MIT*s goals include addressing
outstanding recommendations related to the financial statement audits and
ensuring an environment with effective internal controls. The Education IG
noted that the MIT has identified corrective actions for improving the
department*s programs and operations.

Inadequate reconciliation procedures A reconciliation process, even if
performed manually, is a valuable part of a

sound financial management system. In fact, the less integrated the
financial management system, the greater the need for adequate
reconciliations because data for the same transaction may be separately
entered in multiple systems, causing the risk of errors to be greater. For
example, according to its auditors, the Agency for International
Development (AID) must place a greater reliance on processes like

reconcilations because it lacks an integrated system. Reconciliation
procedures are a control necessary to maintain and substantiate the
accuracy of the data reported in an agency*s financial statements and
reports. The Comptroller General*s Standards for Internal Control in the
Federal Government highlights reconciliation as a key control activity. As
shown in figure 5, auditors for 13 of the 20 agencies with noncompliant

systems reported that the agencies had reconciliation problems, including
difficulty reconciling their fund balance with Treasury accounts 19 with
19 Agencies record their budget spending authorizations in their fund
balance with Treasury accounts. Agencies increase or decrease these
accounts as they collect or disburse funds.

Page 21 GAO- 03- 31 FFMIA FY 2001 Results

Treasury*s records. Treasury policy requires agencies to reconcile their
accounting records with Treasury records monthly, which is comparable to
individuals reconciling their checkbooks to their monthly bank statements.
However, such reconciliations were not being routinely performed. For

example, during fiscal year 2001 some of the fund balances with Treasury
for the Department of State (State) did not reconcile with Treasury*s fund
balance amounts. State*s auditors reported that the absolute difference 20
between State*s and Treasury*s balances as of September 30, 2001, was
about $131 million. State*s auditors noted that while progress had been
made in reducing the net difference between State*s and Treasury*s
records, weaknesses in the reconciliation process still remained,
particularly affecting older fund balances. The auditors recommended that
State

reexamine its reconciliation processes and also assess whether adjustments
should be made to its records.

Inadequate reconciliation procedures also complicate the identification
and elimination of intragovernmental transactions, which is one of the
principal reasons we continue to disclaim on the government*s consolidated
financial statements. As we testified in April 2002, 21 agencies have not
reconciled intragovernmental balances with their trading partners 22 and,
as a result, information reported to Treasury is not reliable.

For several years, OMB and Treasury have required the CFO Act agencies to
reconcile selected intragovernmental activity and balances with their
trading partners. However, numerous agencies did not fully perform these
reconciliations for fiscal year 2000. Beginning with fiscal year 2001, OMB
and Treasury required agency CFOs to report on the extent and results of
intragovernmental activity reconciliation efforts. The IGs reviewed these
reports and communicated the results to OMB, Treasury, and GAO. IGs

reported that the required reconciliations for fiscal year 2001 were not
fully performed, citing reasons such as (1) trading partners not providing
needed data, (2) limitations and incompatibility of agency and trading

partner systems, and (3) human resource issues. For fiscal years 2001 and
2000, amounts reported for certain intragovernmental accounts were 20
Absolute differences are computed with all numbers considered to be
positive numbers. 21 U. S. General Accounting Office, U. S. Government
Financial Statements: FY 2001 Results

Highlight the Continuing Need to Accelerate Federal Financial Management
Reform,

GAO- 02- 599T (Washington, D. C.: Apr. 9, 2002). 22 Trading partners are
U. S. government agencies, departments, or other components that do
business with each other.

Page 22 GAO- 03- 31 FFMIA FY 2001 Results

significantly out of balance. OMB has proposed *business rules* for
certain types of intragovernmental transactions. The continued involvement
of OMB and the CFO Act agencies will be critical to resolving this issue.

Lack of accurate and timely recording of financial information Accurate
and timely recording of financial information is key to successful
financial management. Timely recording of transactions can facilitate
accurate reporting in agencies* financial reports and other management

reports that are used to guide managerial decision making. The Comptroller
General*s Standards for Internal Control in the Federal Government states
that transactions should be promptly recorded to maintain their relevance
and value to management in controlling operations and making decisions. As
shown in figure 5, auditors for 12 of the 20 agencies with noncompliant
systems found that agencies did not

record transactions in the general ledger in an accurate and timely
manner. The lack of timely transaction recording can also result in the
use of inaccurate information for decision making. For example, auditors
for six agencies reported that unliquidated obligations 23 were not
deobligated in a timely manner due to the lack of procedures for reviewing
unliquidated obligations or the failure to follow prescribed procedures.
Agency failure to deobligate funds in a timely manner may result in the
loss of the use of those funds. For example, auditors for the Department
of Transportation

(DOT) identified about $293 million of obligations that were no longer
needed and could be used for other valid purposes or returned to the U. S.
Treasury. Untimely transaction recording during the fiscal year can also
result in substantial efforts at fiscal year- end to perform extensive
manual financial statement preparation efforts that are susceptible to
error and increase the risk of misstatements. For example, auditors
reported that Department of Justice (Justice) components did not perform
their accrual- based financial transaction processing on an ongoing basis.
Auditors for two components, the Drug Enforcement Administration and the
Offices, Boards, and

Divisions, stated that the financial statement preparation effort must be
a componentwide effort, involving all program budget and administrative
offices. Gathering financial data only at year- end does not provide
adequate time to analyze transactions or account balances. Without time to
perform these analyses, misstated or unsupported financial statement
account 23 The value of goods and services ordered and obligated which
have not been paid.

Page 23 GAO- 03- 31 FFMIA FY 2001 Results

balances can occur. Further, it impedes management*s ability throughout
the year to have timely and useful information for decision making.
Noncompliance with the SGL Implementing the SGL at the transaction level
is one of the specific

requirements of FFMIA. However, as shown in figure 5, auditors for 8 of
the 20 noncompliant agencies reported that the agencies* systems did not
comply with SGL requirements. The SGL promotes consistency in financial
transaction processing and reporting by providing a uniform chart of

accounts and pro forma transactions. It also provides a basis for
comparison at the agency and governmentwide levels. These defined accounts
and pro forma transactions are used to standardize the accumulation of
agency financial information, as well as enhance financial control and
support financial statement preparation and other external

reporting. By not implementing the SGL, agencies are challenged to provide
consistent financial information across their component agencies and
functions. For example, auditors for AID reported that AID does not report
on its mission activities 24 using the SGL at the transaction level. These
mission activities account for approximately 52 percent of AID*s total net
cost of operations. AID recorded its mission activities in its Mission
Accounting and Control System* an automated system that uses

transaction codes that do not match to the SGL chart of accounts. AID used
a monthly process to crosswalk these mission transactions to the SGL, but
could not ensure that transactions were posted properly and consistently
from mission to mission. OMB officials have stated that while this monthly
process may be a good interim solution until AID has fully implemented its

new core financial system, this process does not allow AID*s systems to be
substantially compliant with the SGL at the transaction level. Until AID
deploys its newly implemented core financial system worldwide, 25 it will
continue to use the Mission Accounting and Control System for its overseas
missions.

The Department of Housing and Urban Development*s (HUD) Federal Housing
Administration (FHA) must use several manual processing steps to convert
its commercial accounts to SGL accounts. FHA*s legacy core financial
system, which includes its general ledger, is based on commercial 24 An
AID mission is a representative in a cooperating country. AID has overseas
missions and offices that manage projects associated with this foreign
assistance. 25 AID has estimated that the worldwide deployment of the core
financial system will not

begin until fiscal year 2008.

Page 24 GAO- 03- 31 FFMIA FY 2001 Results

rather than governmental accounting. FHA has 22 systems that feed
transactions to its core financial system, 15 of which cannot process
transactions in the SGL format. FHA*s manual processes include the use of
personal computer- based software to convert its commercial accounts to
the SGL. FHA then transfers the balances to HUD*s Central Accounting and
Program System (HUDCAPS). HUD*s auditors noted that FHA*s current process
does not meet federal financial management systems requirements that a
core financial system *provide for the automated and year- end

closing of SGL accounts and rollover of the SGL account balances.* FHA has
completed the initial phases of its project to implement a COTS financial
software system. FHA intends to complete implementation of the

general ledger module of this COTS system by the beginning of fiscal year
2003, including the implementation of the SGL at the transaction level.
Lack of adherence to federal accounting standards

One of FFMIA*s requirements is that agencies* financial management systems
account for transactions in accordance with federal accounting standards.
Agencies face significant challenges implementing these standards. As
shown in figure 5, auditors for 14 of the 20 agencies with noncompliant
systems reported that these agencies had problems complying with one or
more federal accounting standards. Auditors reported that agencies are
having problems implementing standards that

have been in effect for some time, as well as standards that have been
promulgated in the last few years. Auditors for 3 agencies* HUD, Interior,
and Justice* reported weaknesses affecting compliance with SFFAS No. 7,
Revenue and Other Financing Sources, which became effective in fiscal year
1998. Auditors for several Justice components reported that

improvements are needed in their accounting processes for earned and
deferred revenue. For example, auditors for Justice*s Immigration and
Naturalization Service (INS) reported that INS does not have a reliable
system that can provide regular and timely data on the number and value of
immigration applications and petitions received, completed, and pending.
INS needs this data to support general ledger entries for recording the
earned revenues when the applications are completed. Auditors for 5
agencies* the Department of Defense (DOD), AID, EPA, the Federal

Emergency Management Agency (FEMA), and the NRC* reported trouble
implementing SFFAS No. 10, Accounting for Internal Use Software, which
became effective at the beginning of fiscal year 2001. For example,
auditors reported that while NRC had developed policies to implement SFFAS
No.

10, NRC had not satisfactorily implemented the management controls needed
to ensure compliance with SFFAS No. 10 and did not have an adequate system
to track the labor time spent on information technology projects.

Page 25 GAO- 03- 31 FFMIA FY 2001 Results

The requirement for managerial cost information has been in place since
1990 under the CFO Act and since 1998 as a federal accounting standard.
Auditors for eight agencies 26 reported problems implementing SFFAS No. 4,
Managerial Cost Accounting Concepts and Standards. For example,

auditors reported that FEMA does not have a managerial cost accounting
system and its financial management system did not capture data at a
detailed enough level. Having such a managerial cost capability would
allow FEMA to give managers timely access to program costing reports and
more effectively present performance measures. FEMA has developed a three-
phase remediation plan to address issues related to compliance with FFMIA.
In the third phase, FEMA plans to address the issues related to the

need for cost management information to give managers timely access to
program costing reports.

Managerial cost information is critical for implementation of the

President*s Management Agenda. SFFAS No. 4 uses the term *managerial cost
accounting.* Some agencies have adopted the term *cost management* to
emphasize that cost, budget, and performance data are needed to improve
management decision making throughout the year, and are more comprehensive
than the cost data required for external reporting. We later discuss
further implications related to cost management and agencies that have
made promising strides toward implementing this critical tool.

Weak security controls over information systems

Information security weaknesses are one of the frequently cited reasons
for noncompliance with FFMIA and are a major concern for federal agencies
and the general public. These weaknesses are placing enormous amounts of
government assets at risk of inadvertent or deliberate misuse, financial
information at risk of unauthorized modification or destruction,

sensitive information at risk of inappropriate disclosure, and critical
operations at risk of disruption. Auditors for all 20 of the agencies
reported as noncompliant with FFMIA identified weaknesses in security
controls over information systems. In addition, auditors for the 4
agencies that provided negative assurance in reporting on compliance with
FFMIA in their fiscal year 2001 audit reports identified computer security
problems at those agencies, but did not consider those problems
significant enough to be instances of a lack of substantial compliance
with FFMIA. Unresolved information security weaknesses could adversely
affect the ability of

26 These eight agencies are: Agriculture, DOD, DOT, AID, EPA, FEMA,
National Aeronautics and Space Administration (NASA), and NRC.

Page 26 GAO- 03- 31 FFMIA FY 2001 Results

agencies to produce accurate data for decision making and financial
reporting because such weaknesses could compromise the reliability and
availability of data that are recorded in or transmitted by an agency*s
financial management system.

Since 1997, GAO has considered information security a governmentwide high-
risk area. 27 As shown by our work and work performed by the IGs, security
program management continues to be a widespread problem. Concerned with
reports of significant weaknesses in federal computer systems that make
them vulnerable to attack, the Congress enacted

Government Information Security Reform (GISRA) provisions 28 to reduce
these risks and provide more effective oversight of federal information
security. GISRA requires agencies to implement an information security
program that is founded on a continuing risk management cycle and largely
incorporates existing security policies found in OMB Circular A- 130,

Management of Federal Information Resources, Appendix III. GISRA also
added an important new requirement by calling for both annual management
and independent evaluations of the information security program and
practices of an agency. We testified in March 2002 29 that information
security weaknesses were most often identified 30 for (1) security program
management, (2) access controls, and (3) service continuity controls.
Security program management provides the framework for ensuring that risks
are understood and that effective controls are selected and properly
implemented. Access controls ensure that only authorized individuals can
read, alter, or delete data. Service continuity controls ensure that when
unexpected events occur, such as a natural disaster, critical operations
will continue without undue

interruption and that crucial, sensitive data are protected. 27 U. S.
General Accounting Office, High- Risk Series: An Update, GAO- 01- 263
(Washington, D. C.: January 2001). 28 These provisions are part of the
Floyd D. Spence National Defense Authorization Act for Fiscal Year 2001.
29 U. S. General Accounting Office, Information Security: Additional
Actions Needed to Fully Implement Reform Legislation, GAO- 02- 470T
(Washington, D. C.: March 6, 2002). 30 We analyzed the results of IG and
GAO audit reports published from July 2000 through September 2001,
including the results of the IGs* independent evaluations.

Page 27 GAO- 03- 31 FFMIA FY 2001 Results

As we testified in March 2002, 31 OMB is using a combination of formal
guidance, review and analysis of agency- reported material, agency
discussion and feedback, and monitoring of corrective actions to oversee
and coordinate agency compliance with the GISRA provisions. On January 16,
2001, OMB issued Guidance on Implementing the Government Information
Security Reform Act that summarized OMB, agency, and IG responsibilities
as well as provided answers to other specific implementation questions. On
June 22, 2001, OMB followed up its

implementation guidance with Reporting Instructions for the Government
Information Security Reform Act that contained final reporting
instructions that directed agencies to transmit copies of their annual
agency program reviews and IG independent evaluations to OMB.

Furthermore, on October 17, 2001, OMB also issued Guidance for Preparing
and Submitting Security Plans of Action and Milestones, which included
detailed guidance for preparing and submitting security plans of action
and milestones (corrective action plans), which list

information security weaknesses identified in agencies* annual reviews and
evaluations and describe how and when these weaknesses would be addressed.
OMB is continuing to address information security and for fiscal year 2002
issued Reporting Instructions for the Government Information

Security Reform Act and Updated Guidance on Security Plans of Action and
Milestones, on July 2, 2002, which updated guidance for fiscal year 2002
GISRA reporting and preparation of corrective action plans. In addition to
providing guidance, OMB also reviewed the results of the

agencies* program reviews and independent evaluations and consulted with
officials in the agencies to clarify information and provide feedback. OMB
sent letters to the agency heads that provided the results of its
assessment of the agencies* submissions for the reform provisions and
either conditionally approved or disapproved their information security
programs. Finally, OMB stated in its first annual GISRA report to the
Congress dated February 2002 that to intensify oversight, it will, among

other activities, discuss progress on information technology (IT) security
corrective action plans with each agency and integrate IT security as an
element contributing to the Executive Branch Management Scorecard. 31 GAO-
02- 470T.

Page 28 GAO- 03- 31 FFMIA FY 2001 Results

Auditors Provided Negative Assurance as to Substantial Compliance

Auditors for four agencies* the Departments of Energy and Labor, the GSA,
and SSA* provided negative assurance in reporting on FFMIA compliance for
fiscal year 2001. In their respective reports, they included

language stating that while they did not opine as to compliance with
FFMIA, nothing had come to their attention indicating that these agencies*
financial management systems did not meet FFMIA requirements. While this
form of reporting has useful applications, it is not relevant or
appropriate for this particular type of engagement given the requirements
of FFMIA. Our fundamental concern is that this type of reporting may
provide a false impression that the systems have been found to be
substantially compliant by the auditors, which is not what the auditors
are saying. In fact, the provisions of FFMIA require auditors to ** report
whether the agency financial management systems comply with the
requirements of [the act].* In providing guidance on reporting on
substantial compliance with FFMIA, OMB Bulletin No. 01- 02, Audit
Requirements for Federal Financial Statements, states that auditors should
report that *the results of our tests disclosed no instances in which the
agency*s financial management systems did not substantially comply* [with
FFMIA]. If testing disclosed that the agencies* systems are not
substantially compliant, auditors are required to report the instances of

noncompliance identified. This is an important distinction because the
term *disclosed no instances* carries a commonly accepted and wellknown
interpretation across the audit community that providing negative
assurance requires only limited testing because the auditor is not giving
an opinion on whether the systems are substantially compliant. One
important consideration is that the law does not specify when the FFMIA
compliance testing must be done. Thus, auditors can perform

FFMIA assessments at any time throughout the fiscal year, as long as the
assessment is updated to the end of the reporting period. FFMIA
assessments can be a separate review that could be staggered throughout

the year when the auditors* workloads are not as burdensome or to spread
out the work. While work performed in auditing financial statements would
naturally offer some perspective regarding FFMIA compliance, the work

needed to assess substantial compliance of systems with FFMIA should be
more comprehensive than that performed for purposes of rendering an
opinion on the financial statements. In performing financial statement
audits, auditors generally focus on the capability of the financial
management systems to process and summarize financial information that
flows into the financial statements. In contrast, FFMIA is much broader,
and auditors need to consider many other aspects of the financial

Page 29 GAO- 03- 31 FFMIA FY 2001 Results

management system including whether an agency*s systems comply with
systems requirements and provide reliable, useful, and timely
financialrelated information for managing day- to- day operations. FFMIA
was designed to lead to system improvements that would result in agency
managers being routinely provided with reliable, useful, and timely
financial- related information to measure performance and increase

accountability throughout the year, rather than just at year- end. Some of
the auditors we interviewed told us that providing positive assurance
would require more audit work and therefore would result in much higher
audit fees. For example, auditors for the Department of Energy estimated
that an additional 400 staff hours would be needed to provide positive
assurance. Auditors for GSA estimated that it would cost an additional

$110,000 to $120, 000 to provide positive assurance. The auditors we
interviewed also had concerns about providing positive assurance in
reporting on agency systems* FFMIA compliance because of a need for
clarification regarding the meaning of substantial compliance and guidance
regarding reporting.

Today, for some agencies, the auditor may have sufficient knowledge to
conclude that an agency is not in substantial compliance with FFMIA
without performing additional testing beyond that needed for the financial
statement audit opinion, because systems deficiencies are well known and
well documented. Because not all areas were tested, additional weaknesses
might exist that were not identified and reported. However, as agencies*
systems move toward substantial compliance with FFMIA, auditors will need
to perform more comprehensive testing to assess agencies* systems
compliance with FFMIA. Some of the promising audit procedures noted

during our review included detailed audit programs and an assessment of
financial systems* functionality. Moreover, although the compliance
indicators in OMB*s January 4, 2001, FFMIA guidance were meant only as
examples of compliance, auditors for several of the agencies we
interviewed used the indicators as a checklist for determining an agency*s
systems compliance. If a deficiency in a

specific indicator was noted, noncompliance was reported. This was not the
way the OMB indicators should have been used because just merely applying
those indicators is too limiting and was not OMB*s intention. Auditors
cannot follow a checklist approach when assessing the substantial
compliance of agency systems with FFMIA. Instead, auditors need to
consider the substance of these systems, particularly how they function.
Without a comprehensive approach, key systems* functionalities may not be
assessed, and the extent of noncompliance will remain

Page 30 GAO- 03- 31 FFMIA FY 2001 Results

uncertain. Without testing the functionality of a financial management
system, auditors cannot be assured that the agencies* systems are
operating as designed and that the systems substantially comply with FFMIA
and provide reliable, useful, and timely information to managers and other
decision makers. In short, the auditor*s work needs to be analytical and
not viewed as a checklist procedure. If auditors are merely checking
boxes, we question the value of their work and do not believe it meets the
expectations of the Congress in requiring auditor reporting under FFMIA.

Last year in reporting on FFMIA, 32 we recommended that OMB revise its
current FFMIA guidance to address a number of issues related to FFMIA
assessments. We recommended that OMB

 require agency auditors to provide positive assurance when reporting an
agency*s systems to be in substantial compliance;

 clarify the definition of substantial compliance;

 specify the type of procedures auditors should perform;

 request auditors to pay special attention to the requirements of
Managerial Cost Accounting Concepts and Standards; and,

 reiterate that the indicators of compliance in the January 4, 2001,
FFMIA implementation guidance are not meant to be all- inclusive. OMB
officials told us that they had not taken any action to modify their FFMIA
guidance to address our recommendations related to improving auditors*
FFMIA assessments. Instead, they were focusing on new initiatives such as
the Executive Branch Management Scorecard to help stimulate improvements
to agency financial management systems. Further, OMB said that they plan
to combine a number of financial management bulletins and circulars, such
as OMB Circular A- 127 and OMB Bulletin 01-

02, into a comprehensive document that would provide agencies and auditors
with more flexibility. We look forward to seeing this new OMB document
which is now under development.

32 U. S. General Accounting Office, Financial Management: FFMIA
Implementation Critical for Federal Accountability, GAO- 02- 29
(Washington, D. C.: Oct. 1, 2001).

Page 31 GAO- 03- 31 FFMIA FY 2001 Results

To help close the gap in the current OMB guidance, we have worked with
representatives from the President*s Council on Integrity and Efficiency
(PCIE) to draft a section for the GAO/ PCIE Financial Audit Manual

(FAM) 33 with detailed audit steps for testing agency systems* substantial
compliance with FFMIA. Appropriately implemented, these audit steps would
provide a sufficient basis to conclude whether agencies* systems
substantially comply with FFMIA. We will continue to work with PCIE to
finalize this new section of the GAO/ PCIE FAM. Certain members of the

PCIE indicated that auditors would be reluctant to perform these
additional procedures and provide positive assurance unless OMB revises
its guidance to require them to do so.

Remediation Plans Have Improved FFMIA requires agency management to
prepare remediation plans, in

consultation with OMB, that describe the corrective actions they plan to
take to resolve their instances of noncompliance, target dates, and
resources necessary to bring financial systems into substantial compliance
with FFMIA requirements. Further, the President*s Management Agenda

states that OMB will work with agencies to ensure that federal financial
systems produce accurate and timely information to support operating,
budget, and policy decisions. In the past, we have noted significant
deficiencies in these remediation plans, which limit their usefulness as a
tool for agency management and staff to use for resolving financial
management problems. 34 In reviewing these plans, we measured the
completeness of agency remediation plans against the law*s criteria that
these plans include the corrective actions, target dates, and resources

necessary to bring their systems into substantial compliance. We noted
improvement in the presentation and amount of detail in the fiscal year
2000 remediation plans for the Departments of Agriculture, Health and
Human Services, and DOT. However, we noted that a number of plans
submitted for fiscal year 2000 still did not have adequate descriptions of
the resources needed for executing the corrective actions.

Correcting systems problems is a difficult challenge for agencies
primarily because of the age and deficiencies of their critical financial
management 33 The Financial Audit Manual, jointly issued by GAO and the
President*s Council on Integrity and Efficiency, provides the methodology
for performing financial statement audits of federal entities.

34 GAO- 02- 29.

Page 32 GAO- 03- 31 FFMIA FY 2001 Results

systems and the need to be able to integrate a range of systems with the
accounting systems that provide financial information such as personnel
and acquisition systems. Some of the federal government*s automated
systems were originally designed and developed years ago (in some cases,
over 2 decades ago) and cannot provide reliable financial information for
key governmentwide initiatives, such as integrating budget and

performance information. It is important that agencies focus on the
substance of the information in these FFMIA remediation plans, rather than
on the format of the plans. A lack of substance in the plans, including

associating resources to detailed corrective actions, can limit the
likelihood of success in adequately implementing the corrective actions.

Fifteen of the 19 agencies, whose systems were determined by their IGs or
contract auditors not to be in substantial compliance for fiscal year
2000, prepared remediation plans. Two agencies* EPA and the SSA* did not
prepare plans because management determined that the agencies* systems

substantially complied with FFMIA. According to NRC officials, NRC has not
updated its remediation plan since the version dated May 31, 2001;
however, NRC did send a condensed version of this plan to OMB last fall
with its budget submission for fiscal year 2003. According to DOD
officials, DOD is not going to issue an updated financial management
improvement plan in light of its ongoing Financial Management
Modernization Program. This program is expected to address the underlying
problems of DOD*s financial management systems as well as to transform its
overall business processes. As we discuss later, the development of a
departmentwide financial management system enterprise architecture at DOD
will be an important step in this transformation process. We reviewed the
15 available remediation plans to determine whether (1) they included all
the instances of noncompliance identified in the fiscal year 1999
financial statement audits, (2) the planned corrective actions were
accompanied by detailed steps, (3) the corrective actions, if successfully
implemented, could potentially resolve the problems, (4) they

included information about resources needed, and (5) they provided target
dates for completing the corrective actions. We have not verified the
agency actions taken to date. For our report on FFMIA compliance last
year, 35 we reviewed the remediation plans prepared by agencies to address
problems identified in the fiscal year 1999 financial statement audits.
For this year*s report, we reviewed the agencies* fiscal year 2000
remediation

35 GAO- 02- 29.

Page 33 GAO- 03- 31 FFMIA FY 2001 Results

plans. 36 Remediation plans need to be sufficiently detailed to provide a

*road map* for agency management and staff to resolve financial management
problems identified as part of the FFMIA process. OMB requires agencies to
include the remediation plan as part of a financial management plan that
is provided with annual budget submissions. The financial management plan
should address all aspects of financial management improvements. Figure 6
presents the results of our analysis.

Figure 6: Results of Review of Fiscal Year 2000 Remediation Plans

Source: GAO analysis of fiscal year 2000 remediation plans.

36 Remediation plans addressing issues identified in the fiscal year 2000
financial statements were due to OMB by September 10, 2001.

0 5

10 15

20 Number of plans

14 1

15 0

15 0

5 10

14 1

Are corrective actions for all instances of noncompliance included?

Are corrective actions detailed?

Will corrective actions likely resolve the problems, if successfully

implemented? Are resources

included? Are time frames

included?

Ye s No

Page 34 GAO- 03- 31 FFMIA FY 2001 Results

As shown in figure 6, 14 of the agencies* remediation plans included
corrective actions that covered all of the reported instances of
noncompliance identified in the fiscal year 2000 financial statement
audits. The remediation plans for Treasury did not include corrective
actions to cover all of the instances of FFMIA noncompliance reported by
the auditors. For example, Treasury*s Financial Management Service*s (FMS)
remediation plan for fiscal year 2000 did not address all of its
information systems security weaknesses. However, FMS officials issued a
revised remediation plan in June 2002 that they believe addresses its
fiscal year 2001 instance of noncompliance related to all of the
information systems security weaknesses. We will include this plan in our
evaluation next year of the remediation plans submitted to address
instances of noncompliance reported in the fiscal year 2001 financial
statement audits.

One of the areas of improvement in the remediation plans submitted by the
15 agencies is in the level of detail provided for the planned corrective
actions as compared with previous plans. As shown in figure 6, all
agencies were determined to have sufficient details describing how the
various actions are to be accomplished. DOT showed significant improvement
in

the level of detail in its remediation plan. DOT is currently implementing
a fully integrated COTS financial management system throughout the
department. The fiscal year 2000 plan provides additional detail on the

implementation process, a more detailed listing of intermediate tasks and
target dates, the status of the various steps, and the responsible agency
officials. In particular, the fiscal year 2000 plan has greatly expanded
the information on actions to be taken at the Federal Aviation
Administration (FAA) compared to the fiscal year 1999 plan. This is
especially important

since FAA financial management has been designated as a high- risk area
since January 1999, because of serious and long- standing accounting and
financial management weaknesses. 37 OMB*s guidance and FFMIA state that
remediation plans are to include

resources and target dates necessary to achieve substantial compliance. As
shown in figure 6, 10 of the 15 remediation plans we reviewed did not
include a discussion of the staffing and funding resources required to
complete the planned corrective actions. Such information is important for
agency management and OMB to determine whether corrective actions can
realistically be accomplished within the specified timeframes.

37 U. S. General Accounting Office, High- Risk Series: An Update, GAO- 01-
263 (Washington, DC: January 2001).

Page 35 GAO- 03- 31 FFMIA FY 2001 Results

Finally, as shown in figure 6, 14 of the 15 agencies included time frames
for the corrective actions in their remediation plans. Setting specific
target dates, including intermediate target dates, facilitates tracking
the progress agencies are making in reaching their specified goals. The
one exception was FEMA*s remediation plan, which stated that the planned
corrective actions required a multiphased, multiyear approach due to
budgetary constraints; therefore, no specific target dates were provided.

FFMIA specifies that agencies have 3 years to bring their systems into
compliance after a determination of noncompliance is made; however, some
agencies have found that the 3- year time period is not sufficient to
address the reported problems. FFMIA also provides for an extension of

the time needed to complete the planned corrective actions with the
concurrence of OMB. For example, in September 2001 HUD requested and
received the concurrence of the Director of OMB in extending the statutory
3- year remediation time frame for the implementation of a new core
financial system at FHA. HUD projected that full implementation of the

system would be completed by December 2006. OMB*s leadership and close
oversight of agencies* remediation efforts will continue to be important
to help ensure that these plans substantively address the problems. The
advisory role FFMIA established for OMB with respect to agency remediation
plans is important for addressing the types of problems we

noted in remediation plans we reviewed. Therefore, in a prior report, 38
we recommended that OMB work with the agencies to ensure that all
remediation plans are prepared and submitted in a timely manner. We also
recommended that OMB review agencies* plans for (1) detailed corrective
actions that fully address reported problems, (2) inclusion of resource
requirements, and (3) specific time frames needed to implement and resolve
problems. To fulfill their mandated role, OMB has developed a
multidisciplinary approach for reviewing agency plans to correct FFMIA
problems.

According to OMB officials, OMB reviews the business cases submitted by
agencies to support requests for funding of investments in information
technology. These business cases are included in the agencies* budget 38
U. S. General Accounting Office, Financial Management: Federal Financial
Management Improvement Act Results for Fiscal Year 1998, GAO/ AIMD- 00- 3
(Washington, DC: Oct. 1, 1999).

Page 36 GAO- 03- 31 FFMIA FY 2001 Results

submissions. Agencies* business cases for financial management systems are
to address, among other things, any FIA, FFMIA, and internal control
problems reported by auditors or agency management. OMB officials told us
that agency business cases, which include FFMIA remedial actions, are
reviewed by OMB*s resource management officers as well as representatives
from OMB*s statutory offices* the Office of Federal Financial Management,
Office of Federal Procurement Policy, and the Office of Information and
Regulatory Affairs. OMB further stated that, generally, agency remediation
plans are included in agency budget submissions and subject to change. OMB
considers these budget

submissions predecisional and therefore not public documents. Agency
Efforts to Implement New Financial Systems

Across government, agencies have many efforts underway to implement or
upgrade financial systems to alleviate long- standing weaknesses in
financial management. While progress continues to be made to improve
financial management systems, for some agencies there is a long way to go.
At some agencies, most notably DOD, the problems are so severe that it
will be years before the full range of systems weaknesses are resolved. To
be successful, agencies need to overhaul existing business processes by

identifying the root causes as to why systems have these continuing
financial management weaknesses. Some agencies, including the Departments
of Agriculture, Commerce, and DOT, GSA, NASA, the Office of Personnel
Management (OPM), 39 and SSA are in the implementation phases of new
accounting systems. Other agencies are in the planning and design phases,
such as the Departments of Defense, Interior, Energy, and Justice. FEMA is
implementing a new version of its Integrated Financial Management
Information System. Many of these new financial systems are

COTS packages sold by vendors whose software has been certified by JFMIP.
40 It is important in implementing COTS packages that agencies reengineer
business practices to avoid customization of the COTS software and
maximize the software*s utility instead of trying to automate ineffective
current business practices.

39 OPM implemented its new Government Financial Information System on
October 1, 2001. According to an OPM official, the initial implementation
included its general ledger, budget execution, project cost accounting,
and accounts receivable modules. The second phase of the implementation
included its accounts payable, automated disbursements, and procurement
functionality. 40 JFMIP tests vendor COTS packages and certifies that they
meet certain financial management system requirements for core financial
systems.

Page 37 GAO- 03- 31 FFMIA FY 2001 Results

Agencies can help ensure that financial management systems investments
deliver the intended results by (1) using Clinger- Cohen Act IT management
requirements, (2) undertaking financial management systems modernization
in a broad enterprise architecture context, and (3) redesigning business
processes in conjunction with implementing new

technology. To assist federal agencies in this process, we have developed
the IT Investment Management Framework 41 to provide a common structure
for discussing and assessing IT capital planning and investment management
practices. This framework includes steps toward achieving both a stable
and mature IT investment management process. Once a project has been
selected, good project management is a critical ingredient to successful
implementation. For example, it is imperative that managers sufficiently
plan their project and that the sponsors are involved

in the implementation. Next, deadlines should be realistic and project
managers should be capable of understanding the complexities of the job.
Throughout the job, the implementation should be monitored to ensure the
project is going as planned.

While many agencies are in the process of implementing COTS systems to
address long- standing financial management problems, implementing a new
system will not resolve these problems without adequate accounting
policies and internal controls in place. For example, about 98 percent of
the Department of Agriculture has implemented a COTS package to serve as
its financial management system. According to an Agriculture IG report 42
dated June 2002, Agriculture*s new system could provide the department

with a materially strengthened accounting system, strengthened financial
controls, and better financial reporting. But the Office of the Chief
Financial Officer (OCFO) delegated responsibility to the agencies to
establish *agency specific* accounting policies and internal controls. The

IG found that the accounting policies and procedures developed by the
agencies were not consistent, adequate, or proper. Furthermore, the
agencies were not following the guidance issued by OCFO. For example,

the IG found that the agencies were not limiting access, sufficiently 41
U. S. General Accounting Office, Information Technology Investment
Management: An Overview of GAO*s Assessment Framework (Exposure Draft),
GAO/ AIMD- 00- 155 (Washington, D. C.: May 2000). 42 U. S. Department of
Agriculture, Office of the Inspector General, Audit of Selected Foundation
Financial Information System Operations, Report Number 50401- 42- FM
(Washington, D. C.: June 2002).

Page 38 GAO- 03- 31 FFMIA FY 2001 Results

segregating duties, or monitoring appropriation balances. Therefore,
although the Department of Agriculture has significantly completed
implementing a COTS package, its long- standing financial management
problems have not yet been solved. The Agriculture CFO advised us that
they have taken a number of steps to strengthen financial management and

to address issues identified by the IG. NASA is working toward
implementing an integrated financial management system that it expects to
be fully operational in 2006 at an estimated cost of $475 million. As we
testified in March 2002, 43 this is NASA*s third attempt to

implement a new financial management system. The first two efforts were
abandoned after 12 years and expenditures of $180 million. Given the high
stakes involved, it is critical that NASA*s leadership provide the
necessary direction, oversight, and sustained attention to ensure that
this project is successful.

According to SSA officials, SSA has successfully completed their *test

drive* of a new COTS system. The purpose of the *test drive* was to ensure
that the COTS system could meet the agency*s needs before beginning
implementation. SSA decided to purchase the package and to begin
implementation. Currently, SSA management is analyzing gaps and reviewing
business processes to determine what business processes or software
changes are necessary. Problems with DOD*s financial management operations
go far beyond its accounting and finance systems and processes. DOD
continues to rely on a

far- flung, complex network of finance, logistics, personnel, acquisition,
and other management information systems to gather the financial data
needed to support day- to- day management decision making. This network
was not designed to be, but rather has evolved into, the overly complex
and errorprone

operation that exists today, including (1) little standardization across
DOD components, (2) multiple systems performing the same tasks, (3) the
same data stored in multiple systems, (4) manual data entry into multiple
systems, and (5) a large number of data translations and interfaces that
combine to exacerbate problems with data integrity. Many of DOD*s business
operations are mired in old, inefficient processes and legacy systems,
some of which go back to the 1950s and 1960s. By a wide margin, 43 U. S.
General Accounting Office, National Aeronautics and Space Administration:
Leadership and Systems Needed to Effect Financial Management Improvements,
GAO- 02551T (Washington, D. C.: March 20, 2002).

Page 39 GAO- 03- 31 FFMIA FY 2001 Results

DOD faces the greatest challenge of any agency in overhauling its
financial management systems.

Past efforts at reforming DOD*s business operations have been impeded in
part by the (1) lack of sustained top- level leadership and (2) cultural
resistance to change. DOD*s past experience has suggested that top

management has not had a proactive, consistent, and continuing role in
building capacity, integrating daily operations for achieving performance
goals, and creating incentives. Sustaining top management commitment to
performance goals is a particular challenge for DOD. In the past, the
average 1.7- year tenure of the department*s top political appointees has
served to hinder long- term planning and follow- through. Further,
Secretary Rumsfeld has articulated that modernizing DOD*s business
operations and systems is a departmentwide priority and will require
leadership at every level. Cultural resistance to change and military
service parochialism have also played a significant role in impeding
previous attempts to implement broad- based management reforms at DOD. The
department has

acknowledged that it confronts decades- old problems deeply grounded in
the bureaucratic history and operating practices of a complex,
multifaceted organization, and that many of these practices were developed
piecemeal and evolved to accommodate different organizations, each with
its own

policies and procedures. As discussed in our June 2002 testimony, 44 DOD*s
vast array of costly, nonintegrated, duplicative, and inefficient
financial management systems has resulted in part because of the lack of
an integrated approach to addressing its management challenges. In
response to our May 2001 report, 45 DOD has undertaken the development of
an enterprise architecture to achieve the Secretary*s vision of having
*reliable, accurate and timely financial management information upon which
to make the

most effective business decisions.* In fiscal year 2002, DOD received
approximately $98 million and has requested another $96 million for fiscal
year 2003 for this effort. Consistent with the recommendations contained

44 U. S. General Accounting Office, DOD Financial Management: Important
Steps Underway But Reform Will Require Long- term Commitment, GAO- 02-
784T (Washington, D. C.: June 2002).

45 U. S. General Accounting Office, Information Technology: Architecture
Needed to Guide Modernization of DOD*s Financial Operations, GAO- 01- 525
(Washington, D. C.: May 2001).

Page 40 GAO- 03- 31 FFMIA FY 2001 Results

in our January 1999 46 and May 2001 reports, DOD has an extensive effort
underway to document the department*s current *as- is* financial
management architecture by identifying systems currently relied upon to
carry out financial management operations throughout the department. To
date, DOD has identified over 1,500 systems that are involved in the
processing of financial information. In developing the *as- is*
environment DOD has recognized that financial management is broader than
just

accounting and finance systems. Rather, it includes the department*s
budget formulation, acquisition, inventory management, logistics,
personnel, and property management systems. In developing and

implementing its enterprise architecture, DOD will need to ensure that the
multitude of systems efforts currently underway are designed as an
integral part of the future architecture.

Managerial Cost Information Is Critical for Implementing the

President*s Management Agenda

According to the President*s Management Agenda, the accomplishment of the
other four governmentwide initiatives 47 will matter little without the
integration of agency budgets with performance. The lack of a consistent
information and reporting framework for performance, budgeting, and

accounting obscures how well government programs are performing as well as
inhibits comparisons of performance and cost across programs. Timely,
accurate, and useful financial and performance information can form the
basis for reconsidering the relevance or *fit* of any federal program or
activity in today*s world and for the future. However, even the most
meaningful links between performance results and resources

consumed are only as good as the underlying data. Therefore, agencies must
address long- standing problems within their financial systems. As
agencies implement and upgrade their financial management systems,
opportunities exist for developing cost management information as an
integral part of the system to provide important information that is
timely, reliable, and useful.

As we have previously discussed, laws, regulations, and standards
emphasize that reliable information on the costs of federal programs and

46 U. S. General Accounting Office, Financial Management: Analysis of
DOD*s First Biennial Financial Management Improvement Plan, GAO/ AIMD- 99-
44 (Washington, D. C.: Jan. 29, 1999). 47 The other four governmentwide
initiatives are improved financial performance, strategic management of
human capital, competitive sourcing, and expanded electronic government.

Page 41 GAO- 03- 31 FFMIA FY 2001 Results

activities is crucial for effective management of government operations.
In particular, the concepts and standards in SFFAS No. 4 require agencies
to develop cost accounting processes that will enable them to provide
timely and reliable information on the full cost of federal programs,
their activities, and outputs. Further, good information on financial
program performance is necessary for the full and effective implementation
of GPRA. The success of GPRA is crucial to transitioning to a more
resultsoriented federal government where agencies are held accountable for
achieving specific program results. Cost information supports decision
making in a variety of different business environments, such as:

1. financial accounting* to assist federal financial report users in
evaluating service efforts, costs, and the accomplishment of the reporting
entity; 2. budgeting* to plan and make resource allocation decisions; and
3. managing* to manage resources in the accomplishments of broad

program purposes, to manage the unit cost of output to ensure that units
of output are produced as effectively and efficiently as possible, and to
set fees. In each of these environments, management must know the cost of
their activities in order to make good business decisions and to report
financial and performance information to external parties such as the
Congress and

the public, who in turn will then be able to use this cost information to
assess the budget integrity, program and operating performance,
stewardship, systems, and controls of the federal government. Linking of
agency budgets with performance is enhanced when agencies integrate
managerial cost information into their program activities (or lines of
business). For example, Treasury*s IG stated that one of the management
and performance challenges 48 that Treasury faced is the integration of
cost accounting with its business activities. The IG reported that
Treasury

managers were unable to link resources to results and often reported their
accomplishments based on anecdotal performance evidence and outdated
financial information.

48 U. S. Department of the Treasury, Office of the Inspector General,
Management and Performance Challenges Facing the Department of the
Treasury (Washington, D. C.: Jan. 30, 2002).

Page 42 GAO- 03- 31 FFMIA FY 2001 Results

Agency implementation of managerial cost accounting can be a complex and
arduous task. For example, FAA has been developing a cost accounting
system, as required by the Federal Aviation Reauthorization Act of 1996,
49 for several years. DOT*s IG reported in January 2002 50 that
notwithstanding the progress and successes realized so far, FAA still
faces significant

challenges to complete and operate a credible cost accounting system. The
IG concluded that FAA still needed to (1) implement, on a timely basis,
fully developed cost accounting and labor distribution systems, (2)
establish cost and performance management practices, (3) account for
overhead costs, (4) track assets, and (5) develop an adequate system of
internal controls. Other agencies have adopted various methods of
accumulating

and assigning costs to obtain managerial cost information needed to
enhance programs, improve processes, establish fees, develop budgets,
prepare financial reports, and report on performance. A number of agencies
have implemented activity- based costing (ABC), which creates a cost model
of an organization by identifying the activities performed, the resources
consumed, and the outputs (products and services) produced by that
organization. ABC then uses accounting and workload data to assign

costs to the activities and related outputs. For example, the Small
Business Administration (SBA) uses ABC to support financial reporting,
management decision making, performance reporting, budgeting, and cost
reimbursements. SBA has used information from its cost management system
to prepare the Statement of Net Costs, make resource allocation

decisions, and provide information for outsourcing alternatives. SBA has
also used managerial costing to provide a crosswalk between the costs of
activities and programs and the agency*s strategic goals and objectives.
SBA*s cost allocation model provides information about the full costs
(direct and indirect) of its programs as well as unit costs for many
program outputs. In fiscal year 2001, SBA began using activity- based
budgeting (ABB) to analyze program office budgets. The purpose of ABB is
to show the linkage between the resources the agency plans to consume and
the

49 This act required FAA to develop a cost accounting system that
adequately and accurately reflects the investments, operating and overhead
costs, revenues, and other financial measurement and reporting aspects of
its operations.

50 U. S. Department of Transportation, Office of Inspector General, 2001
Status Assessment of Cost Accounting System and Practices, Federal
Aviation Administration (Washington, D. C.: Jan. 10, 2002).

Page 43 GAO- 03- 31 FFMIA FY 2001 Results

outputs it plans to produce. ABC and ABB can provide SBA with the
information needed for sound decision making. 51

While some agencies have found this method to be useful, ABC is not a
universal solution for all organizations. Other agencies have developed
managerial costing approaches that build upon existing accounting systems.
For example, the Department of the Interior*s Bureau of Land Management
(BLM) has implemented an innovative cost model that aligns the costs of
the bureau*s activities with its work processes and mission goals. This
model was developed with extensive coordination with field

personnel and has been used for management decision making and to develop
budget requests. Increasing Emphasis

On Improving Financial Management from the Highest Levels of Government

Increasing attention from the highest levels of the federal government is
being targeted on improving federal financial management. Most
importantly, The President*s Management Agenda Fiscal Year 2002 includes
improved financial performance as one of the five top governmentwide
management goals. Improvement in federal financial management systems is
central to achieving improved financial performance. The administration is
using the Executive Branch Management Scorecard to highlight agency
progress in achieving the management and performance improvements embodied
in the President*s Management Agenda. Moreover, the JFMIP 52 Principals*
the Secretary of the Treasury, the Director of OMB, the Director of OPM,
and the Comptroller General* have been holding quarterly meetings that
have resulted in unprecedented substantive deliberations and agreements
focused on key reform issues such as better- defined measures for gauging
financial management success and the establishment of financial

management committees. 51 Using ABC and ABB allows agencies to manage by
activity, otherwise known as activitybased management. 52 JFMIP is a joint
and cooperative undertaking of OMB, the Department of the Treasury, OPM,
and GAO working with executive agencies to improve financial management
practices throughout the federal government.

Page 44 GAO- 03- 31 FFMIA FY 2001 Results

President*s Management Agenda and the Executive Branch Management
Scorecard

The administration, with its release of the President*s Management Agenda
in August 2001, has set forth improved financial performance as one of its
five governmentwide initiatives. OMB*s criteria for measuring improved
financial performance include (1) ensuring that financial management
systems substantially meet federal financial management

system requirements and applicable federal accounting and transaction
standards, (2) producing accurate and timely financial information, (3)
integrating financial and performance management systems to support dayto-

day agency operations, and (4) receiving unqualified and timely opinions
on the annual financial statements and no material internal control
weaknesses 53 reported by the auditors. This is another area that the
JFMIP

Principals have addressed and on which they are in agreement. The
administration is using the Executive Branch Management Scorecard, based
on OMB*s criteria, to highlight agencies* progress in achieving the
improvements embodied in the President*s Management Agenda. This is a step
in the right direction to improving management and performance. The value
of the scorecards is not in the scoring, but in the degree to which the
scores lead to sustained focus and demonstrable improvements over time.

This will depend on continued efforts to assess progress and maintain
accountability to ensure that agencies are able to, in fact, improve
performance. It is important that there be continual rigor in the scoring
process for the approach to be credible and effective. OMB provided its

baseline scores judging agency financial management as of September 30,
2001, and an updated version of the scorecard was released as of June 30,
2002.

The recent scores indicate that while there has been progress made in
implementing the President*s Management Agenda in many agencies, it has
not been uniform. The Scorecard had both current status scores and
progress in implementation scores for financial management. The *status*
is assessed against the standards for success communicated by OMB in its
October 30, 2001, memo to executive departments and agencies. According to
OMB, one agency, the Department of Labor, has been upgraded from red to
yellow for its status score because it has demonstrated commitment to
improving and has made good progress. OMB has identified four tasks to be
done before Labor could be upgraded to a green status score: (1) 53 A
material weakness is a condition that precludes the entity*s internal
control from providing reasonable assurance that misstatements, losses, or
noncompliance material in relation to the financial statements would be
prevented or detected on a timely basis.

Page 45 GAO- 03- 31 FFMIA FY 2001 Results

integrate its financial and performance management systems, (2) complete
remedial actions for Wage and Hour*s Back Wage and Civil Monetary
Penalties Systems, (3) develop and implement a plan to reduce erroneous
unemployment insurance payments, and (4) implement a cost accounting
system. Two agencies, NASA and SBA, have been downgraded from yellow to
red. NASA*s score was lowered because its auditors issued a disclaimer of
opinion on NASA*s financial statements and determined that its systems

were not in compliance with FFMIA. Similarly, SBA*s auditors determined
that its systems were not in compliance with FFMIA and reported one
material weakness and three reportable conditions relating to SBA being
unable to provide timely, complete, and reliable financial statements.

The administration assesses *progress* on a case- by- case basis against
the deliverables and timelines established for the five initiatives that
have been agreed upon with each agency. According to the progress scores
on the

Executive Branch Management Scorecard, the majority of the agencies are
proceeding according to their plans, receiving a *green light,* while a
few are slipping or require further adjustments in order to achieve their
objectives timely, receiving a *yellow light.* The Department of Interior
was the only agency that received a *red light* on *progress* because it
has

failed to make progress on its financial performance agenda. JFMIP
Principals Starting in August 2001, the JFMIP Principals have been meeting
quarterly

to deliberate and reach agreements focused on key financial management
reform issues. This forum provides an opportunity to reach decisions on
key issues and undertake strategic activities that reinforce the
effectiveness of groups such as the CFO Council in making progress toward
improving federal financial management. In these meetings, the

Principals have focused on key issues such as the following.

 Defining success measures for financial management performance that go
far beyond an unqualified audit opinion on financial statements and
include measures such as financial management systems that routinely
provide timely, reliable, and useful financial information and no material
internal control weaknesses or material noncompliance with laws and

regulations and FFMIA requirements,

 Restructuring FASAB*s composition to enhance the independence of the
board,

Page 46 GAO- 03- 31 FFMIA FY 2001 Results

 Establishing financial management committees for the federal government
and the CFO Act agencies,

 Overseeing DOD*s business transformation efforts,

 Consolidating and standardizing federal payroll systems to reduce the
cost of routine operations,

 Addressing the impediments to an audit opinion on the U. S. government*s
consolidated financial statements, including intragovernmental
transactions. The federal government*s current inability to properly
account for these transactions hinders true cost transparency and impedes
achievement of the goal of a clean opinion on

the federal government*s consolidated financial statements. Therefore, OMB
has been aggressively pursuing strategies regarding intragovernmental
transactions to reform current practices in this area and Treasury has
been working to change the process for compiling the

consolidated financial statements,

 Accelerating financial statement reporting dates. In deliberating on
these issues, the Principals recognized that a clean audit opinion alone
only provides credibility to an agency*s financial statements as of the
date of the financial statements* the last day of the fiscal year. It
provides no assurance about the effectiveness or efficiency of the
financial systems used to prepare the statements, the quality of internal
control, or whether the systems can produce reliable data for decision-
making

purposes on demand throughout the year. This recognition led to actions
such as enhancing the criteria for measuring progress and achievement in
the Executive Branch Management Scorecard as discussed above, and

accelerating the dates for issuing the government*s financial statements.
With these accelerated dates, the government*s financial statements will
be issued in a more timely manner and will discourage costly efforts by

agencies designed to obtain unqualified opinions on financial statements
without addressing the underlying systems and data reliability challenges.
After the Principals* endorsement, OMB acted by requiring agencies to
prepare financial statements closer to the end of the reporting period.
Under the accelerated reporting requirements, agency performance and
accountability reports for fiscal year 2002 are due to OMB by February 1,
2003. OMB is further accelerating the deadline so that by fiscal year
2004,

agencies will be required to submit these reports by November 15, 2004. In

Page 47 GAO- 03- 31 FFMIA FY 2001 Results

addition, in fiscal year 2003, agencies will be required to prepare and
submit quarterly financial statements no later than 45 days after the end
of the reporting period.

The JFMIP Principals have proven to be a collective driving force to
communicate expectations, address impediments, and move the financial
management agenda forward. Future meetings will enable the JFMIP
Principals to reach agreements and monitor progress on strategies critical
to the full and successful implementation of federal financial management
reform.

Conclusions The ultimate objective of FFMIA is to ensure that agency
financial management systems routinely provide reliable, useful, and
timely financial information, not just at year- end or for financial
statements, so that

government leaders will be better positioned to invest resources, reduce
costs, oversee programs, and hold agency managers accountable for the way
they run programs. To achieve the financial management improvements
envisioned by the CFO Act, FFMIA, and more recently, the

President*s Management Agenda, agencies need to modernize their financial
management systems to generate reliable, useful, and timely financial
information throughout the year and at year- end. Meeting the

requirements of FFMIA presents long- standing, significant challenges that
will be attained only through time, investment, and sustained emphasis on
correcting deficiencies in federal financial management systems. To assess
compliance with FFMIA, auditors need to perform detailed audit procedures
that are more comprehensive and independent of those performed for
rendering an opinion in a financial statement audit. Such a comprehensive
and independent assessment of an agency*s financial management system is
essential to improving the performance,

productivity, and efficiency of federal financial management and achieving
the President*s Management Agenda. In consultation with PCIE, we have
jointly developed guidance as a part of GAO/ PCIE FAM to assist auditors
to

comprehensively test for FFMIA compliance. However, without action from
OMB to revise its guidance on FFMIA compliance testing and reporting, the
audit community will continue to face conflicting guidance. Therefore, we
reaffirm the recommendations we made in our annual

Page 48 GAO- 03- 31 FFMIA FY 2001 Results

FFMIA report last year 54 that OMB specify expected procedures for
auditors to perform when assessing FFMIA compliance as called for in GAO/
PCIE FAM. This additional guidance should be principle based and should
clearly outline (1) the minimum scope of work and (2) the procedures for
auditors to perform in determining whether management has reliable,
timely, and useful financial information for managing day- today
operations. We also reaffirm our prior recommendations that OMB require
agency auditors to provide a statement of positive assurance when
reporting an

agency*s systems to be in substantial compliance with FFMIA. Further, we
reaffirm our prior recommendation that OMB continue to work with the CFOs,
IGs, and GAO to explore further clarification of the definition of

*substantial compliance* and to explain the appropriate use of the
compliance indicators. Finally, we reaffirm our prior recommendation that
OMB emphasize to auditors the significance of agencies* ability to meet
the Managerial Cost Accounting Concepts and Standards, given the crucial
need for cost management information for measuring the results of program
performance. The size and complexity of many federal agencies and the
discipline needed to overhaul or replace their financial management
systems present a significant challenge for many agencies. The
significance of these issues,

now and in the future, emphasizes the need for detailed remediation plans.
As envisioned by the act, these remediation plans would help agencies
establish seamless systems and processes to routinely generate reliable,
useful, and timely information that would improve agencies*
accountability. Again this year, our analysis showed that while the
quality of some of the

plans had improved, many agencies* remediation plans continue to lack key
elements that could preclude the achievement of FFMIA objectives.
Therefore, we reaffirm our prior recommendation that OMB continue to work
with agencies to ensure that the remediation plans include all required
elements and are not making new recommendations at this time

related to remediation plans. The widespread systems problems facing the
federal government need sustained management commitment at the highest
levels of government. Today, we are seeing a strong commitment from the
President, the JFMIP Principals, and the secretaries of major departments,
such as DOD, to

54 GAO- 02- 29.

Page 49 GAO- 03- 31 FFMIA FY 2001 Results

ensuring that these needed modernizations come to fruition. This
commitment is critical to the success of the efforts underway and those
still in a formative stage to achieve the goals of the CFO Act and FFMIA.

Agency Comments And Our Evaluation

In written comments (reprinted in app. V) on a draft of this report, OMB
agreed with our assessment that while many federal agencies are continuing
to make progress, some agencies continue to have shortcomings in their
financial management systems. OMB noted that changing its audit guidance
to require positive assurance when reporting on FFMIA compliance would not
necessarily measure the availability or

quality of financial information, integral to the intent of FFMIA. As we
discussed in the report, OMB officials acknowledged that they are
currently updating their financial management policy guidance, including
guidance related to financial management systems. OMB officials stated
that once the update of its financial management policy guidance has been

completed, new performance and results- based criteria will be used in
future FFMIA assessments. OMB further stated that it will reconsider
revising its FFMIA audit guidance once its overall federal financial
management policy has been finalized. OMB also commented on our
affirmation of our prior recommendation that it continue to work with the
agencies to ensure that remediation plans include all of the required
elements. As we state in the report, most of the agencies did not include
resource requirements for accomplishing corrective actions in their
remediation plans, as required by FFMIA. OMB agrees that the stand- alone
agency remediation plans do not necessarily include resource information,
but noted that agencies have been instructed to include this information
in their OMB Circular A- 11 budget submissions.

OMB officials added that a more comprehensive review and assessment of
agency plans to correct FFMIA problems is conducted as a part of OMB*s
annual budget process. While OMB*s multidisciplinary approach to reviewing
agency remediation plans appears to have prompted improvements in the
plans, we cannot determine whether the required

resource information not found in the stand- alone remediation plans is
included in the budget submission information required under OMB Circular
A- 11 because we did not have the agency budget submissions. These
documents are subject to change, and OMB considers the budget submissions
predecisional. Therefore, we based our review on the standalone

remediation plans received from the agencies directly. In reviewing these
plans, we found no references to other parts of the agency budget
submissions that might include resource information. Unless we review

Page 50 GAO- 03- 31 FFMIA FY 2001 Results

agency budget submissions, we will only be able to report on the contents
of the stand- alone remediation plans. OMB and several agencies also
provided other technical comments that we incorporated as appropriate.

We are sending copies of this report to the Chairman and Ranking Minority
Member, Subcommittee on Oversight of Government Management, Restructuring,
and the District of Columbia, Senate Committee on

Governmental Affairs; and to the Chairman and Ranking Minority Member,
Subcommittee on Government Efficiency, Financial Management, and
Intergovernmental Relations, House Committee on Government Reform. We are
also sending copies to the Director of the Office of Management and

Budget, the Secretary of the Treasury, the heads of the 24 CFO Act
agencies, and agency CFOs and IGs. Copies will also be made available to
others upon request. This report was prepared under the direction of Sally
E. Thompson, Director, Financial Management and Assurance, who may be
reached at (202) 512- 9450 or by e- mail at thompsons@ gao. gov if you
have any questions. Staff contacts and other key contributors to this
report are listed in appendix VI.

David M. Walker Comptroller General Of the United States

Page 51 GAO- 03- 31 FFMIA FY 2001 Results

Appendix I

Appendi xes Publications in the Federal Financial Management Systems
Requirements Series Appendi x I

FFMSR document Issue date

FFMSR- 0 Framework for Federal Financial Management Systems January 1995
FFMSR- 7 Inventory System Requirements June 1995 FFMSR- 8 Managerial Cost
Accounting System Requirements February 1998 JFMIP- SR- 01- 02 Core
Financial System Requirements November 2001 JFMIP- SR- 99- 5 Human
Resources & Payroll Systems Requirements April 1999

JFMIP- SR- 99- 8 Direct Loan System Requirements June 1999 JFMIP- SR- 99-
9 Travel System Requirements July 1999 JFMIP- SR- 99- 14 Seized Property
and Forfeited Asset Systems Requirements December 1999

JFMIP- SR- 00- 01 Guaranteed Loan System Requirements March 2000 JFMIP-
SR- 00- 3 Grant Financial System Requirements June 2000 JFMIP- SR- 00- 4
Property Management Systems Requirements October 2000 JFMIP- SR- 01- 1
Benefit System Requirements September 2001 JFMIP- SR- 02- 02 Acquisition/
Financial Systems Interface Requirements June 2002

Page 52 GAO- 03- 31 FFMIA FY 2001 Results

Appendix II Statements of Federal Financial Accounting Concepts,
Standards, and Interpretations Appendi x II

Concepts

SFFAC No. 1 Objectives of Federal Financial Reporting

SFFAC No. 2 Entity and Display

SFFAC No. 3 Management*s Discussion and Analysis

Standards Effective for fiscal year a

SFFAS No. 1 Accounting for Selected Assets and Liabilities 1994 SFFAS No.
2 Accounting for Direct Loans and Loan Guarantees 1994 SFFAS No. 3
Accounting for Inventory and Related Property 1994 SFFAS No. 4 Managerial
Cost Accounting Concepts and Standards 1998 SFFAS No. 5 Accounting for
Liabilities of the Federal Government 1997 SFFAS No. 6 Accounting for
Property, Plant, and Equipment 1998 SFFAS No. 7 Accounting for Revenue and
Other Financing Sources 1998 SFFAS No. 8 Supplementary Stewardship
Reporting 1998 SFFAS No. 9 Deferral of the Effective Date of Managerial
Cost Accounting Standards for the Federal Government in SFFAS No. 4 1998

SFFAS No. 10 Accounting for Internal Use Software 2001 SFFAS No. 11
Amendments to Accounting for Property, Plant, and Equipment* Definitional
Changes 1999

SFFAS No. 12 Recognition of Contingent Liabilities Arising from
Litigation: An Amendment of SFFAS No. 5, Accounting for Liabilities of the
Federal Government

1998 SFFAS No. 13 Deferral of Paragraph 65- 2* Material Revenue- Related
Transactions Disclosures 1999 SFFAS No. 14 Amendments to Deferred
Maintenance Reporting 1999 SFFAS No. 15 Management*s Discussion and
Analysis 2000 SFFAS No. 16 Amendments to Accounting for Property, Plant,
and Equipment 2000

SFFAS No. 17 Accounting for Social Insurance 2000 SFFAS No. 18 Amendments
to Accounting Standards for Direct Loans and Loan Guarantees in SFFAS No.
2 2001

SFFAS No. 19 Technical Amendments to Accounting Standards for Direct Loans
and Loan Guarantees in SFFAS No. 2

2003 SFFAS No. 20 Elimination of Certain Disclosures Related to Tax
Revenue Transactions by the Internal Revenue Service, Customs, and Others

2001 SFFAS No. 21 Reporting Corrections of Errors and Changes in
Accounting Principles 2002

Appendix II Statements of Federal Financial Accounting Concepts,
Standards, and Interpretations

Page 53 GAO- 03- 31 FFMIA FY 2001 Results

a Effective dates do not apply to Statements of Federal Financial
Accounting Concepts and Interpretations.

Standards Effective for fiscal year a

SFFAS No. 22 Change in Certain Requirements for Reconciling Obligations
and Net Cost of Operations 2001

Interpretations

No. 1 Reporting on Indian Trust Funds

No. 2 Accounting for Treasury Judgment Fund Transactions

No. 3 Measurement Date for Pension and Retirement Health Care Liabilities

No. 4 Accounting for Pension Payments in Excess of Pension Expense

No. 5 Recognition by Recipient Entities of Receivable Nonexchange Revenue

Page 54 GAO- 03- 31 FFMIA FY 2001 Results

Appendix III AAPC Technical Releases Appendi x I II

Technical release AAPC release date

TR- 1 Audit Legal Letter Guidance March 1, 1998 TR- 2 Environmental
Liabilities Guidance March 15,

1998 TR- 3 Preparing and Auditing Direct Loan and Loan Guarantee Subsidies
Under the Federal Credit Reform Act July 31, 1999

TR- 4 Reporting on Non- Valued Seized and Forfeited Property July 31, 1999
TR- 5 Implementation Guidance on SFFAS No. 10: Accounting for Internal Use
Software May 14, 2001

Page 55 GAO- 03- 31 FFMIA FY 2001 Results

Appendix IV Checklists for Reviewing Systems Under the Federal Financial
Management Improvement Act Appendi x I V

Checklist Issue date

GAO/ AIMD- 98- 21. 2. 1 Framework for Federal Financial Management System
Checklist May 1998

GAO/ AIMD- 00- 21. 2. 2 Core Financial System Requirements Checklist
February 2000 GAO/ AIMD- 00- 21. 2. 3 Human Resources and Payroll Systems
Requirements Checklist March 2000

GAO/ AIMD- 98- 21. 2. 4 Inventory System Checklist May 1998 GAO/ 01- 99G
Seized Property and Forfeited Assets Systems Requirements Checklist
October 2000

GAO/ AIMD- 21- 2. 6 Direct Loan System Requirements Checklist April 2000
GAO/ AIMD- 21. 2.8 Travel System Requirements Checklist May 2000 GAO/
AIMD- 99- 21. 2. 9 System Requirements for Managerial Cost Accounting
Checklist January 1999

GAO- 01- 371G Guaranteed Loan System Requirements Checklist March 2001
GAO- 01- 911G Grant Financial System Requirements Checklist September 2001
GAO- 02- 171G Property Management Systems Requirements Checklist December
2001

GAO- 02- 762G Benefit System Requirements (Exposure Draft) September 2002

Page 56 GAO- 03- 31 FFMIA FY 2001 Results

Appendix V Comments From the Office of Management and Budget Appendi x V

Page 57 GAO- 03- 31 FFMIA FY 2001 Results

Appendix VI GAO Contacts and Staff Acknowledgments Appendi x VI

GAO Contacts Sally E. Thompson, (202) 512- 9450 Kay L. Daly, (202) 512-
9312

Acknowledgments In addition to those named above, Rosa R. Harris, William
S. Lowrey, Debra S. Rucker, Sandra S. Silzer, and Bridget A. Skjoldal made
key contributions to this report. (193026)

GAO*s Mission The General Accounting Office, the investigative arm of
Congress, exists to support Congress in meeting its constitutional
responsibilities and to help improve the performance and accountability of
the federal government for the American people. GAO examines the use of
public funds; evaluates federal programs and

policies; and provides analyses, recommendations, and other assistance to
help Congress make informed oversight, policy, and funding decisions.
GAO*s commitment to good government is reflected in its core values of
accountability, integrity, and reliability.

Obtaining Copies of GAO Reports and Testimony

The fastest and easiest way to obtain copies of GAO documents at no cost
is through the Internet. GAO*s Web site (www. gao. gov) contains abstracts
and fulltext files of current reports and testimony and an expanding
archive of older products. The Web site features a search engine to help
you locate documents using key words and phrases. You can print these
documents in their entirety, including charts and other graphics.

Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as *Today*s Reports,* on its
Web site daily. The list contains links to the full- text document files.
To have GAO e- mail this list to you every afternoon, go to www. gao. gov
and select *Subscribe to daily E- mail alert for newly released products*
under the GAO Reports heading.

Order by Mail or Phone The first copy of each printed report is free.
Additional copies are $2 each. A check or money order should be made out
to the Superintendent of Documents. GAO also accepts VISA and Mastercard.
Orders for 100 or more copies mailed to a single address are discounted 25
percent. Orders should be sent to:

U. S. General Accounting Office 441 G Street NW, Room LM Washington, D. C.
20548

To order by Phone: Voice: (202) 512- 6000 TDD: (202) 512- 2537 Fax: (202)
512- 6061

To Report Fraud, Waste, and Abuse in Federal Programs

Contact: Web site: www. gao. gov/ fraudnet/ fraudnet. htm E- mail:
fraudnet@ gao. gov Automated answering system: (800) 424- 5454 or (202)
512- 7470

Public Affairs Jeff Nelligan, managing director, NelliganJ@ gao. gov (202)
512- 4800 U. S. General Accounting Office, 441 G Street NW, Room 7149

Washington, D. C. 20548

United States General Accounting Office Washington, D. C. 20548- 0001

Official Business Penalty for Private Use $300

Address Service Requested Presorted Standard

Postage & Fees Paid GAO Permit No. GI00
*** End of document. ***