USAID Implemented Application Controls for DATA Act Reports, but Improvements Are Needed

Audit Report
Report Number
A-000-18-005-C

We contracted with the independent certified public accounting firm CliftonLarsonAllen LLP to audit USAID’s implementation of selected application controls used to report financial data under the DATA Act. The audit objective was to determine whether USAID implemented selected application controls in its Global Acquisition and Assistance System and its Phoenix Financial System. The Agency uses data from these two applications to report under the DATA Act. The audit firm concluded that USAID implemented 23 of the 27 selected application controls designed to preserve the integrity of its DATA Act reporting. However, USAID did not implement four of the controls, including standard operating procedures for the DATA Act reporting process or perform internal data validations before posting the data to the Treasury’s DATA Act Broker website. To address the four control weaknesses identified in the report, the audit firm made and OIG agreed with two recommendations. USAID accepted both recommendations, and one is closed.

Recommendations

Recommendation
1

The chief financial officer document and implement Agency-integrated standard operating procedures for extracting, reviewing, validating, and submitting Digital Accountability and Transparency Act (DATA Act) files to the Treasury's DATA Act Broker website.

Questioned Cost
0
Close Date
Recommendation
2

The chief financial officer document and implement procedures to validate and reconcile financial data in Digital Accountability and Transparency Act (DATA Act) files before submitting them to the Treasury's DATA Act Broker website.

Questioned Cost
0
Close Date