Audit uncovers weak internal controls at CBP

Information security continues to be a material weakness in the Customs and Border Protection agency's internal controls, according to an independent audit released today by Homeland Security Department Inspector General Richard Skinner.

"During fiscal 2007, we continued to find general and application [information technology] control weaknesses at Customs and Border Protection," states the audit by KPMG LLP.

"Collectively, the IT control weaknesses limit CBP's ability to ensure that critical financial and operational data is maintained in such a manner as to ensure confidentiality, integrity and availability," the audit states.

Vulnerabilities noted a year before and continuing through fiscal 2007 included organizationwide IT security, access, service continuity, segregation of duties and change management of system software, said KPMG.

The audit also found significant deficiencies in government reimbursements to importers of overpayments of duties, taxes and fees. The Automated Commercial System lacks automated controls to identify excessive reimbursements of this type, the report said.