USAID's chief financial officer perform a written risk assessment of its general ledger posting model process, as required by Office of Management and Budget Circular A-123. The risk assessment should include cost-benefit considerations and a plan to implement compensating or appropriate internal controls to prevent and detect errors. The risk assessment should address:
Segregation of duties.
Data owner approval of changes to the general ledger posting models.
Records of all steps in procedures.
Use of activity or transaction logs for monitoring.
The risk assessment should also document the acceptance of all risks that will not be mitigated.
USAID's chief financial officer update and implement USAID's general ledger posting model procedures, after taking final corrective action on recommendation 1, to include explicit roles and responsibilities and a step-by-step process for updating the posting models.