Fiscal Year 2014 Information Technology Internal Controls
Background
The Postal Accountability and Enhancement Act of 2006 required the U.S. Postal Service to begin complying with sections of the Sarbanes-Oxley (SOX) Act in fiscal year (FY) 2010. Specifically, management must assert on the effectiveness of the internal control structure over financial reporting. We conducted this audit to support the independent public accounting firm’s overall audit opinions on the Postal Service’s financial statements and internal controls over financial reporting.
The information technology (IT) infrastructure-level environment includes processes needed to administer, secure, and monitor key financial reporting systems. Our objective was to evaluate and test key infrastructure-level internal controls over information systems. We limited the scope of our audit in FY 2014 to the primary financial reporting infrastructure-level controls management identified to fully mitigate SOX risks. Further, our audit did not address the entire IT environment but only in-scope, SOX financial reporting systems.
What The OIG Recommended
We made no recommendations because management has actions planned by June 30, 2015, or took corrective action to resolve the issues noted during the audit.