Jump to Main Content
USA flagAn Official Website of the United States Government

Audit Report 9-19: Audit of SBA’s Information Systems Controls

Date Issued: 
Thursday, September 2, 1999
Report Number: 

On September 2, 1999, the OIG issued audit report 9-19, the Independent Public Accountant (IPA) report regarding the audit of SBA’s 1998 Financial Statements, Audit of SBA’s Information Systems Controls.  The IPA concluded that SBA’s general controls were not fully in compliance with established policies and procedures.  For example, (1) the SBA had not funded and implemented an entity-wide security program, (2) unnecessary and excessive access privileges reduced accountability and created segregation of duties weaknesses, (3) application development and change control procedures were not consistently applied in systems outside the Office of the Chief Information Officer’s control, (4) programmer abilities to access operating systems could not be monitored and (5) security administrators and program managers needed training.  The IPA issued two findings and two recommendations related to the establishment of an ongoing agency-wide information systems security program. 


File Attachments: 
Attachments Size
Audit 9-19 Audit of SBA's Infomration Systems Controls 9.2.99.pdf 149Kb