Jump to Main Content
USA flagAn Official Website of the United States Government

Audit Report 7-31: Audit of E-Application System

Date Issued: 
Thursday, September 27, 2007
Report Number: 
7-31

On September 27, 2007, the OIG issued Audit Report 7-31, Audit of E-Application System.  The E-Application system is an internet-based system that processes applications for the 8(a) and Small Disadvantaged Business (SDB) certification programs.  The objectives of this audit were to determine whether:  (1) data stored in the E-Application system complies with applicable laws, rules, and regulations governing the security of government data and Personally Identifiable information (PII); and (2) controls over data transfer between E-Application and SBA’s Electronic 8(a) review system are sufficient to ensure the complete and accurate transfer of information. 

The OIG found that the system’s security safeguards over sensitive government data were inadequate and did not meet Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS), or National Institute of Standards and Technology (NIST).  System controls were also insufficient to ensure the complete and accurate transfer of information from E-Application to SBA’s Electronic 8(a) Review System. 

File Attachments: 
Attachments Size
Audit 7-31 Audit of E-Application System 9.27.07.pdf 2004Kb