printable banner

U.S. Department of State - Great Seal

U.S. Department of State

Diplomacy in Action

FY 2000-01 Remediation Plan - Federal Financial Management Improvement Act of 1996


Share

Released by the Bureau of Financial Management and Policy
October 2001

Table of Contents

 

I. Introduction

1

II. Background

1

III. Fiscal Years 2000 and 2001 Results

2

IV. Achieving Substantial Compliance

6

Appendixes

 

Appendix I – 1: Fixed Assets System: Phase II – Personal Property

12

Appendix I – 2: Financial Reporting Software

14

Appendix I – 3: Enhanced Interfaces

16

Appendix I – 4: Central Financial Planning System (CFPS)

17

Appendix I – 5: Regional Financial Management System (RFMS)

20

Appendix I – 6: Business Continuity and Contingency Planning

23

Figure 1: Projects Addressing FFMIA Substantial Non-Compliance

A. Timely and Useful Information/ B. Sole Source of Information

Central Financial Management System (CFMS) Enhancement Projects.

While CFMS contains State’s SGL, CFMS is not the sole source of information for financial statement preparation because CFMS does not account for all necessary elements of the financial statements. In limited instances, reliance is placed on manual compilation efforts, ad hoc programming, and analysis of data produced by mixed financial or subsidiary systems that are not integrated and require adjustments. For example, data and disclosures on personal property amounts do not reside in CFMS.

CFMS Enhancement Projects: Project Cost Accounting System.

CFMS Enhancement Projects: Fixed Assets System (Phase I – Real Property).

C. Systems Security

Mainframe Access Control Security Projects.

CFMS Security Improvements

As part of the audit of the FY 2000 Departmentwide Financial Statements, an internal vulnerability assessment of CFMS was conducted in February 2001. The review found that the specific security features associated with the CFMS application function correctly and are well managed. However, similar to the two independent penetration tests noted above, the review identified issues with the IT infrastructure that affords access to CFMS.

D. Business Continuity and Contingency Planning

CFMS and Paris FSC Mainframe Contingency Plan.

Other Areas of Improvement

In addition to the completion of the initiatives above, State has made other improvements to address inadequacies in the financial and accounting systems that have been cited in the Independent Auditor’s Report. The improvements are highlighted in the chart below.

IV.

There are now two fully operational mainframe computer facilities, the center located at the Harry S Truman Building (Washington, D.C.) and the Beltsville Information Management Center (Beltsville, Maryland). In the event of a disaster impacting one of these two facilities, critical mainframe operations (that CFMS operates on) could be moved to the other site, albeit at a diminished but workable capacity. Contingency plans have been developed with detailed recovery implementation plans for all logical partitions on the mainframes at both centers. As part of State’s Year 2000 (Y2K) activities, a contingency plan was developed to provide appropriate contingency relief and disaster recovery for the FSC Paris mainframe using the domestic mainframe computers. Mainframe contingency planning was closed as an FMFIA material weakness on December 14, 1999. This initiative successfully addressed the major contingency planning shortfalls of State’s mainframe computers located in Washington and FSC Paris.
. With the help of a CPA firm, State improved CFMS security by establishing an effective security administration and operations program. As a result, new policies, procedures and security profiles were established. State developed and provided CFMS security awareness training to over 900 users of CFMS. These items comprise fundamental elements required for establishing and implementing a security program that is compliant with Federal requirements. Also, the CPA firm who assisted with these efforts provided a risk assessment evaluation workplan to be used in future evaluations of CFMS general controls. Through these documents and efforts, State has established a basis for conducting periodic risk assessments of CFMS.
Mainframe security regarding access controls was enhanced enabling the State’s Management Control Steering Committee (MCSC) to vote for closure of the Federal Managers’ Financial Integrity Act (FMFIA) material weakness for Information Systems Security. The MCSC, with the concurrence of the Inspector General, approved the closure for the FY 2000 FMFIA Report. This was based on the fact that the processes, controls and administration of State’s information systems security program have been significantly enhanced since this problem was identified in 1997. However, whether these improvements prevent unauthorized access and abuse of the Department’s information systems network for domestic operations needed to be independently validated. The Department, working with the OIG and the General Accounting Office (GAO), completed two independent reviews of system security vulnerabilities. The reviews confirmed improvements, but also identified potential problems with information systems’ network access controls (versus mainframe access). Efforts to improve these controls are reported under a separate project – Information Systems Network Security.
In FY 2000, State implemented the Fixed Assets System, an integrated module within CFMS, to account for the real property elements of land, buildings and structures. The Fixed Assets System module is part of the financial management software package of American Management Systems, Inc. This new capability allows these elements of the financial statements to be developed directly from State’s automated trial balance. Data from this new module automatically updates the SGL account for Property, Plant and Equipment, enhancing the reliability and timeliness of data maintained in CFMS. As a result of completing this project, the CFMS general ledger is the primary source of information on these elements for financial reporting.
The Project Cost Accounting System (PCAS) was implemented to capture and report costs associated with capital improvements and construction projects. Under PCAS, transactions containing project codes that have been assigned to capital improvements and construction projects are capitalized and reported in State’s SGL.
CFMS serves as the financial accounting and reporting system for all domestically-held allotments and as the central consolidating financial and reporting system for all the Department’s funds and assets. CFMS is based upon the Federal Financial System (FFS), a proprietary software package developed and marketed by American Management Systems, Inc. (AMS). Enhancements, modifications and interfaces to the off-the-shelf FFS package have been developed to meet State requirements. CFMS operates on the Department’s IBM mainframe in Main State (Harry S Truman Building), and has a non-windows user interface for data entry. In addition to on-line processing, CFMS depends on nightly and monthly batch processing cycles to record interface transactions and to perform monthly closing activities. CFMS serves over 1500 users and uses the SGL.

BEFORE

NOW

Substantial elements of the financial statements developed from sources other than the trial balance

Limited to personal property, capital leases and some minor amounts

Unliquidated obligation balances not reconcilable with detail maintained in related databases

Balances are reconcilable with detail

Audited financial statements not issued on a timely basis

Audited financial statements issued by March 1 due date

Achieving Substantial Compliance

State continues in its efforts to achieve substantial compliance. State's Deputy Chief Financial Officer has overall responsibility for ensuring that the corrective efforts are accomplished. Presented below is a brief description of those projects included in Figure 1 that remain to be completed to achieve substantial compliance. More detailed information for projects is provided at Appendix I where indicated.

A. Timely and Useful Information/ B. Sole Source of Information

While progress has been made in providing more timely, accurate, and useful information, additional work needs to be done. Described below are projects that will further enhance the financial systems capability in providing timely and useful information for decision making purposes. The SGL and related data will be accounted for in CFMS where appropriate.

CFMS Enhancement Projects: Fixed Assets System: Phase II – Personal Property.

Financial Reporting Software.

Enhanced Interfaces.

Central Financial Planning System (CFPS) Project.

CFPS will standardize worldwide in one system the annual budget call and the program plans of the missions and bureaus. The system will then receive data (both obligation and cost) from State’s accounting system to compare budget to actual, including the cost of doing business. Currently, the function code field of the Department’s accounting code structure is being reviewed and revised to eliminate duplication and provide a vehicle to crosswalk obligations and costs to State’s goals and objectives. The process will be similar to the International Cooperative Administrative Support Services (ICASS) system, and where appropriate, cost distribution pools (using function codes) will be established.

Functional and technical requirements analysis was completed in February 2001. The estimated target date for system development is October 2002. The systems implementation portion of the CFPS project is scheduled for completion by April 2003. The estimated total cost of this project is $4,300,000. See Appendix I - 4 for additional information.

Regional Financial Management System (RFMS) Project.

State is implementing the Regional Financial Management System (RFMS). RFMS is composed of (1) a custom developed disbursing component (no commercial off-the-shelf (COTS) solution is available for disbursing functionality due to the 130+ foreign currencies involved), and (2) a COTS solution for funds management, obligation, and voucher processing. Implementation of RFMS will occur at all FSCs. RFMS not only will support funds management, obligation and voucher processing, but also will change the frequency of the interface, level of detail, and the ‘477’ process between the FSCs and Washington. This will allow financial managers to have up-to-date fund status, revenue data, and specific obligation document status. It will also allow for the matching of payments made domestically against obligations made overseas. The general ledger module of this COTS package will be implemented at the FSC level to further improve management information for overseas financial activity and related fiscal reconciliations.

Development and implementation of RFMS, approved by State’s Information Technology Program Board in June 1998, supports State’s goal of integrating and standardizing worldwide financial and information systems and conforms with OMB Circular A-127 requirements to establish and maintain a single, integrated financial management system. RFMS will (1) reduce the number of overseas regional systems from two to one, (2) incorporate State’s standard account code structure, and (3) enable financial transactions to be standardized between RFMS and CFMS, which will result in the consistent processing and recording of financial data on a worldwide basis.

Target completion dates for implementation at all FSCs are the end of FY 2003. The estimated total cost for this project, allocated among FY 1999 through FY 2003, is $43,937,000. This estimate includes software, development, testing, data conversion, implementation, training, and support. See Appendix I - 5 for additional information.

Systems Security

Information Systems Network Security.

In addition to addressing issues identified in penetration tests, State is implementing a comprehensive framework and process for lifecycle management of IT security. The framework and process will provide for continual evaluation and improvement as displayed in Figure 2. Some of the many accomplishments to date include:

  • Developed a Systems Security Program Plan (SSPP) that documents the Department’s security program in its entirety,
  • Adopted of the National Security Telecommunications and Information Systems Security Instruction (NSTISSI), National Information Assurance Certification and Accreditation Program (NIACAP),
  • Developed a Certification and Accreditation Document that establishes a standard process, set of activities, general tasks, and a management structure to certify and accredit systems,
  • Established a 24X7 computer incident response team,
  • Established an IT Configuration Control Board,
  • Established Remediation Program Office,
  • Established antivirus program and processes, and
  • Implemented an ongoing penetration testing program.

[Text version of Figure 2]

diagram of IT security evaluation and improvement cycle

D. Business Continuity and Contingency Planning

Business Continuity and Contingency Plans.

Business Continuity and Contingency Plans (BCCP) provide (1) procedures to protect information resources and minimize the risk of unplanned interruptions, and (2) a plan to recover critical operations should interruptions occur. To determine whether recovery plans will work as intended, they should be tested periodically in disaster simulation exercises. Requirements for these plans are outlined in GAO’s Federal Information System Controls Audit Manual (FISCAM). The existence and completeness of these plans is a subject of audits of the Department’s financial statements and computer security reviews.

Several efforts are underway to establish BCCPs for our domestic and overseas financial environments. On the domestic front, additional steps undertaken by the Bureau of Information Resource Management (IRM) will ensure a seamless and transparent backup capability between its mainframe resources in the Harry S Truman Building and the Beltsville Information Management Center. Mainframe resources support CFMS and State’s American civilian payroll and Foreign Service retirement systems.

For our FSCs in Charleston and Bangkok, a Continuity Risk Assessment was completed in September 2000 and is being used as a roadmap for Charleston and Bangkok to establish limited interim business continuity capabilities for critical financial operation activities, e.g., disbursing and Foreign Service National payroll. As part of the effort to 1) consolidate all FSC Paris financial operations into FSC Charleston and FSC Bangkok and 2) establish the new Regional Financial Management System in FSC Charleston and FSC Bangkok, a comprehensive BCCP will be established.

FMP, in association with IRM as developer of several of FMP’s financial management systems, will begin an assessment of the contingency plans developed for the Year 2000 (Y2K) activities to determine our current situation. These plans will be assessed using the FISCAM requirements. Based on this assessment, a plan will be formulated for the development of BCCP documents in support of domestic and overseas operations. The plan will take into account the criticality and sensitivity of FMP business processes, current vulnerabilities, and current systems development efforts. It will be conducted by State IT staff and therefore have no funding requirements. As part of the Department’s efforts in certifying and accrediting all enterprise-wide systems in accordance with PDD 63, resources will verify that BCCPs exist and are tested on a periodic basis. Funding has been provided to establish this function in IRM. Additional funding will be required for the program bureaus to establish and test BCCPs.

The development of Business Continuity and Contingency Plans will begin in FY 2002 with their development and testing estimated to be completed in FY 2003. Estimated costs for the development of business continuity plans and facilities are $1,000,000 in FY 2002 and $1,000,000 in FY 2003. This project is dependent on obtaining funding from State’s Information Technology Program Board. See Appendix I - 6 for additional information.

In conclusion, State is aggressively working to bring its financial systems into substantial compliance with the FFMIA. State will continue to assess its progress and modify this Plan as appropriate. Of paramount importance is the goal of providing users with accurate, timely and useful information. This Plan provides a "roadmap" for achieving these objectives.

Appendix I -1

Project Name:

Project Manager:

Total Estimated Cost:

Project Description:

The objective of this project is to extend accomplishments realized with implementation of a real property model, which accounts for land, buildings and structures, into the area of personal property. The initial focus will be on significant categories of personal property from a materiality perspective including security equipment and vehicles.

The Department’s Standard General Ledger (SGL) is the primary source of information for financial statement preparation. However, it is not currently the sole source. Reliance has been placed on data produced by mixed financial systems that are not integrated and often require adjustments. DOS has implemented Momentum Fixed Assets System to account for real property previously maintained on supplemental spreadsheets. Data from the Fixed Assets System automatically updates the SGL accounts for property, plant, and equipment, enhancing the reliability and timeliness of data maintained in the SGL and making it the primary source for this information.

Phase II of the Fixed Assets initiative focuses on improving the accounting for personal property using the Fixed Assets System above. Interfaces will be developed between the Fixed Assets System and the AVIS (vehicles), NEPA (personal property), and PAMS (security equipment) property systems that State uses to manage personal property. Logic will be developed to read text files via e-mail from AVIS, NEPA and PAMS posts and offices. A standard file format will be developed for use by the new interface to Momentum Fixed Assets. The interface will create transactions that update the CFMS General Ledger. The new interface will facilitate the reliability and timeliness of accounting for property by recording the acquisition cost of property, or net book value/fair market value for donated, transferred or surplus items. Momentum Fixed Assets will also calculate depreciation and gains and losses on sales of assets

Momentum Fixed Assets will initially be populated with personal property data stored in the existing Access database. Conversion software will be developed to automate this process.

Key Milestones:

Appendix I – 2

$744,000
Tom Allwein
Fixed Assets System: Phase II- Personal Property
State must always be prepared to deal with a broad range of crises. The nature of these crises ranges from natural disasters to political instability to terrorist attacks. State must take steps to minimize the impact of such crises on U.S. citizens both domestically and overseas, and our national interests. The readiness of FMP’s financial business processes and financial management systems must be ensured should any of our business centers be faced with such crises.

Requirements Analysis

Complete

Data Conversion

October 2001

Develop Momentum Personal Property to CFMS Interface

November 2001

Conduct Working Sessions

December 2001

Develop NEPA/PAMS/AVIS Standard Interface To Momentum/Fixed Assets System

December 2001

User Training and Procedures

January 2002

Production Simulation Testing

February 2002

Production Implementation

March 2002

Post Implementation Review

April 2002

Project Name:

Project Manager:

Total Estimated Cost:

Project Description:

The Department of State has procured a financial software application for mandated federal reporting requirements to the Department of the Treasury and the Office of Management and Budget (OMB). The Department of State is a Federal agency that must comply with the Chief Financial Officers Act (as amended), Government Performance and Results Act of 1993 (GPRA), the Government Management Reform Act of 1994 (GMRA), the Federal Financial Management Improvement Act of 1996, the Statements of Federal Financial Accounting Standards and OMB Circular A-34. To meet these requirements and Treasury mandated FACTS II reporting, the Department is acquiring two software products, Hyperion Enterprise and Hyperion Essbase, including installation, consulting support and user and systems administrator training courses.

Once implemented, the software will: (1) fulfill the FACTS II reporting requirements mandated by the Department of the Treasury; (2) provide the capability of transmitting an electronic file of financial and budgetary information to the Department of the Treasury and the Office of Management and Budget; (3) simplify the compilation, consolidation and reporting of financial statements; (4) improve the timeliness of the financial reporting process; (5) facilitate the production of annual and interim financial statements; and (6) enhance the Department’s financial analysis capabilities. Hyperion Enterprise will provide the capability for the Department to collect, consolidate and report it’s financial results and will enhance the Department’s analysis and planning capabilities. Hyperion Essbase provides the internal database structure to accept Hyperion Enterprise data and allow for the export of the Treasury required file formats to Treasury’s Federal Agencies Centralized Trial Balance System (FACTS II).

The project will consist of the following phases for both Hyperion Enterprise and Hyperion Essbase: planning and requirements analysis, installation, design, development, testing, implementation and post implementation review. The project will start in June 2001, and is scheduled for completion by November 2002.

Key Milestones:

Appendix I - 3

$825,000
Troy Scaptura
Financial Reporting Software

Hyperion Enterprise:

 

Planning and requirements analysis

Complete

Installation

Complete

Design – define reports, calculations, input formats and models

Complete

Development

Complete

Testing and acceptance

November 2001

Implementation

November 2001

Post-implementation review

January 2002

Hyperion Essbase:

 

Planning and requirements analysis

April 2002

Installation

April 2002

Design – define reports, calculations, input formats and models

May 2002

Development

June 2002

Testing and acceptance

August 2002

Implementation

October 2002

Post-implementation review

November 2002

Project Name:

Project Manager:

Total Estimated Cost:

Project Description:

To be compliant with the Federal Financial Management Improvement Act of 1996, State will enhance the interface between the overseas financial systems and CFMS to increase the frequency and level of detail. The current interface submits data at a summary level on a monthly basis, which resulted in abnormally high rejection rate. As a first step, the frequency of submission will be increased from monthly to weekly with the ability to move to daily submissions if the need arises. But the heart of the new re-engineered interface lies in the extraction of overseas transactions at the accounting line level of detail and the creation of transaction category documents in CFMS to record the accounting impact of the overseas transactions. The creation of a transaction at the accounting line level of detail for the overseas transactions enables the synchronization of available fund balances and standard general ledger accounts for overseas allotments in RFMS and CFMS. It also provides an adequate level of detail based on available information from the posts to provide assurance, track discrepancies, and meet internal and external reporting requirements

Key Milestones:

Appendix I -4

$1,435,000
Howard Crawford
Enhanced Interfaces

Functional and technical requirement analysis

Complete

System design

Complete

System development

Complete

Testing

October 2001

Initial Implementation

November 2001

Refinements to the interface

September 2002

Project Name:

Project Manager:

Total Estimated Cost:

Project Description:

The Department of State does not presently meet the full requirements of the Government Performance and Results Act (GPRA) to prepare, present and defend strategic, performance-based plans and budgets to the President and the Congress. Nor can the Department evaluate its success or failure in accomplishing its program goals and objectives based on quantitative and qualitative performance measures that link resources to program activities. While many of the ingredients necessary for performance management are available, such as strategic and performance plans and budgetary resources tracking to strategic goals, there is no single system that links performance goals to budgets and budgets to performance management and accountability. The Central Financial Planning System’s vision is to consolidate the strategic planning and budgeting processes for State bureaus and posts together with other foreign affairs agencies into a single system of management information.

A review of existing accounting processes and system requirements will enable management to attain a desired level of reporting for cost information and determine how expenditure information can be associated with strategic goals and specific program outputs. Once these elements are identified and system requirements defined, system functionality will be designed. System development, testing and implementation will follow. CFPS will allow for assignment of direct and indirect costs to arrive at total costs for the specific level defined by management consistent with the Statement of Federal Financial Accounting Standards Number 4, "Managerial Cost Accounting Concepts and Standards for the Federal Government."

Key Milestones:

$4,300,000
Jim Millete/Alan Evans
Central Financial Planning System

Project approval and initial funding

Complete

Contract award for requirements and business model development

Complete

Functional and technical requirements developed

Complete

Develop business model concept

November 2001

Design data model

January 2002

Conduct gap analysis of requirements to existing systems

March 2002

Develop system

October 2002

Implement at test posts

December 2002

Implement worldwide

April 2003

Appendix I – 5

Analysis and Design

Complete

Develop Disbursing Software

Complete

Complete Disbursing IV&V

Complete

Update RFMS Software, Documentation and Procedures

Complete

Identify and Develop RFMS Software Components

Complete

Perform IV&V Testing

Complete

Implement RFMS/Disbursing

Complete

Integration Testing

Complete

Production Simulation

Complete

Parallel Testing

October 2001

Implement Pilot Post (Embassy Lima)

November 2001

Implement FSC Paris - serviced post

May 2002

Implement worldwide

September 2003

Appendix I - 6

Project Name:

Project Manager:

Total Estimated Cost:

Project Description:

State must take steps to minimize the impact of crises on U.S. citizens both domestically and overseas, and our national interests. Within FMP, the readiness of FMP’s financial business processes and financial management systems must be ensured should any of our business centers be faced with such crises.

Business Continuity and Contingency Plans (BCCP) provide (1) procedures to protect information resources and minimize the risk of unplanned interruptions, and (2) a plan to recover critical operations should interruptions occur. To determine whether recovery plans will work as intended, they should be tested periodically in disaster simulation exercises. Requirements for these plans are outlined in GAO’s Federal Information System Controls Audit Manual (FISCAM). The existence and completeness of these plans is a subject of audits of the Department’s financial statements and computer security reviews.

Several efforts are underway to establish BCCPs for our domestic and overseas financial environments. On the domestic front, additional steps undertaken by the Bureau of Information Resource Management (IRM) will ensure a seamless and transparent backup capability between its mainframe resources in the Harry S Truman Building and the Beltsville Information Management Center. Mainframe resources support the State’s American civilian payroll, Foreign Service retirement, and core accounting systems.

For our Regional Financial Service Centers in Charleston and Bangkok, a Continuity Risk Assessment was completed in September 2000 and is being used as a roadmap for Charleston and Bangkok to establish limited business continuity capabilities for critical financial operation activities, e.g., payroll and disbursing. As part of the effort to 1) consolidate all FSC Paris financial operations into FSC Charleston and FSC Bangkok and 2) establish the new Regional Financial Management System in FSC Charleston and FSC Bangkok, a comprehensive BCCP will be established.

FMP, in association with IRM as developer of several of FMP’s financial management systems, will begin an assessment of the contingency plans developed for the Year 2000 (Y2K) activities to determine our current situation. These plans will be assessed using the FISCAM requirements. Based on this assessment, a plan will be formulated for the development of BCCP documents in support of domestic and overseas operations. The plan will take into account the criticality and sensitivity of FMP business processes, current vulnerabilities, and current systems development efforts. It will be conducted by

State IT staff and therefore have no funding requirements. As part of the Department’s efforts in certifying and accrediting all enterprise-wide systems in accordance with PDD 63, resources will validate that BCCPs exist and are tested on a periodic basis. Funding has been provided to establish this function in IRM. Additional funding will be required for the program bureaus to establish and test BCCPs.

The development of Business Continuity and Contingency Plans will begin in FY 2002 with their development and testing estimated to be completed in FY 2003. Estimated costs for the development of business continuity plans and facilities are $1,000,000 in FY 2002 and $1,000,000 in FY 2003.

Key Milestones:

[end]

$2,000,000
System Contingency Plans - Alan Evans
Business Operations Continuity Plans - TBD
Business Continuity and Contingency Plans

100% Mainframe Backup capability between Truman Building and BIMC

Complete

RFMS Contingency Plan

April 2002

FSN Payroll Contingency Plans

July 2002

Business Operations Continuity Plans – Developed as part of the consolidation of FSC Paris and Washington financial operations in FSC Charleston

September 2003

Project Name: Regional Financial Management System (RFMS)

Project Manager:

Total Estimated Cost:

Project Description:

RFMS will replace the two legacy overseas financial systems in operation at the Charleston, Bangkok, and Paris FSCs with one system that's compliant with applicable Joint Financial Management Improvement Program (JFMIP) core system requirements. FMP's long term financial management strategy calls for improvements in both business practices and systems with the ultimate goal being a single integrated financial system through data standardization, common business processes, and seamless exchange of information among the Department's financial management and administrative environments. The project consists of two large subprojects: (1) custom development of Disbursing, and (2) the integration of Disbursing and other DoS financial systems with American Management Systems' Momentum Financials, a COTS accounting system.

The project will implement the COTS package Momentum with minimal customization in conjunction with a custom developed Disbursing system to support State’s regional overseas financial business processes. In several areas, State will modify its business practices to match Momentum functionality. Strategically, RFMS will help State modernize a regional cross-servicing function that State has performed for USG overseas missions for nearly 40 years. This has evolved and been optimized over time from finance and disbursing at every post, to performing those functions at 23 large post-based Financial Management Centers, and currently to three (3) regional FSCs, and ultimately will be consolidated to two (2) FSCs. RFMS will support and facilitate this business process improvement and modernization.

The new platforms that RFMS will operate under will be faster and cheaper to operate. The desktop interface to RFMS will be more intuitive and easier to operate. With RFMS fully implemented, the FSCs will use a common system with common processes. Financial data will be compatible and consistent between the FSCs and the Central Financial Management System in Washington.

Key Milestones:

$43,937,000
Alan Evans

In response to the findings of two vulnerability reviews of State’s network infrastructure, the Department is planning the establishment of a Vulnerability Assessment Working Group that will be charged with analyzing the results of the reviews and developing a risk mitigation plan of action with appropriate milestones. Cost estimates for remediation of network vulnerabilities were not available at the time of release of this plan and their development will also be part of the Working Group’s responsibilities.
State’s overseas financial management systems have a number of limitations that impact the (1) timely recognition of revenue, cash and budgetary resources, (2) carry-forward of prior-year funding (recoveries), (3) tracking of unliquidated obligations, and (4) reconciliation of fund balances with Treasury. These limitations and the interface weakness described above (see Enhanced Interfaces) impair State's ability to produce timely and accurate financial statements and information useful to management.
CFPS will enable the timely and accurate reporting of spending and cost information, and associate that information with budget, strategic goals and program outputs. Implementation of CFPS will promote compliance with A-127 requirements by enhancing systems capability to support the legal and regulatory requirements of the Department, including the Government Performance and Results Act (GPRA) and Managerial Cost Accounting Standards.
State’s Consolidated American Payroll Processing System (CAPPS) and CFMS interfaces to the overseas financial systems maintained by the Financial Service Centers (FSC) were designed many years ago. They contain domestically entered disbursements ("477" records) that need to be matched with obligations established in State’s overseas systems. The interfaces have a number of shortcomings that result in numerous rejections of transactions. Enhancements will focus on reducing transaction rejections to an insignificant level. In addition to the CAPPS and CFMS to overseas interfaces, the overseas interface to CFMS, which was designed in the late 1980s, submits accounting summary level data for overseas-held allotment transactions ("60" records) and detailed transactions for collections and disbursements for domestic-held allotments ("477" records) on a monthly basis. This is an untimely process and the reconciliation between disbursements and obligations results in high rejection rates. The interface between the overseas FSC and CFMS for the "60" records is being totally re-engineered to change the frequency and the level of detail. This will allow financial managers to have up-to-date fund status, revenue data, and obligation status. It will also allow for the matching of payments made domestically against obligations made overseas. Required corrections to systems and/or interfaces began in FY 2001 and will be completed in FY 2002. Estimated cost is $1,435,000. See Appendix I – 3for additional information.
State has procured and is installing financial reporting software to: (1) fulfill the FACTS II reporting requirements mandated by the Department of the Treasury; (2) provide the capability of transmitting an electronic file of financial and budgetary information to the Department of the Treasury and the Office of Management and Budget; (3) facilitate the preparation, consolidation and reporting of interim and annual financial statements; (4) improve the timeliness of the financial reporting process; and (5) enhance the Department’s financial analysis capabilities. The projected completion date of this initiative is November 2002 at an estimated cost of $825,000. See Appendix I - 2 for additional information.
Building on the success of Phase I, a Phase II to State’s asset initiatives focuses on accounting for personal property using the Fixed Assets System. Upon completion, personal property amounts will be reported directly from State’s general ledger. Estimated completion of this project is by April 2002 at an estimated cost of $744,000. See Appendix I – 1for additional information.
 

A: Timely and Useful Information

B: Sole Source of Information

C: Systems Security

D: Business Continuity and Contingency Planning

Completion Date

Estimated Resources (in dollars)

Projects

1. Unliquidated obligation balances
2. Ineffective interfaces
3. Managerial Cost Accounting information
4. Inadequate reconciliation
5. Interim statements

1. SGL not source for financial statements

1. Mainframe access controls vulnerabilities
2. CFMS vulnerability
3. Information Systems Network vulnerability

1. CFMS contingency plan not established
2. Update and test of Paris FSC contingency plan
3. Business continuity plans not comprehensive

  

Mainframe Access Controls Security Projects

 

 

X

 

Complete

 

CFMS Security Improvements

 

 

X

 

Complete

 

CFMS Mainframe Contingency Plan

 

 

 

X

Complete

 

Paris FSC Mainframe Contingency Plan

 

 

 

X

Complete

 

Unliquidated Obligation System and Procedures

X

 

 

 

Complete

 

CFMS Enhancement Projects:

 

 

 

 

 

 

1. Project Cost Accounting System

 

X

 

 

Complete

 

2. Fixed Assets: Phase I – Real Property

 

X

 

 

Complete

 

3. Fixed Assets: Phases II – Personal Property

 

X

 

 

April 2002

$744,000

Financial reporting software

X

   

November 2002

$825,000

Enhanced Interfaces

X

X

  

September 2002

$1,435,000

Central Financial Planning System (CFPS)

X

X

  

April 2003

$4,300,000

Regional Financial Management System (RFMS)

X

X

  

September 2003

$43,937,000

Business Continuity Plans

 

 

 

X

September 2003

$2,000,000

Information Systems Network Security

 

 

X

 

September 2003

TBD

I. Introduction

This Remediation Plan (Plan) fulfills the Department of State’s (State) statutory reporting requirement under the Federal Financial Management Improvement Act of 1996 (FFMIA). FFMIA requires an agency to submit a Remediation Plan when the agency’s financial systems are not in substantial compliance with Federal accounting standards, the United States Government Standard General Ledger (SGL) at the transaction level, or Federal financial management systems requirements. The audit of State’s FY 2000 Financial Statements issued by the Office of Inspector General and concurred with by State management, while free of material misstatements, found that State’s financial management systems were not in substantial compliance with applicable Federal financial management systems requirements. This Plan updates and amends State’s initial FFMIA Remediation Plan filed with OMB in March 2000 in response to State’s determination for fiscal years (FY) 1998 and 1999. As detailed in the Plan, State expects to bring its financial management systems into substantial compliance with the FFMIA by the end of FY 2003. Projects identified in this Plan have been integrated into State’s IT capital planning process. The Bureau of Financial Management and Policy (FMP) has overall responsibility for State’s financial management systems.

II.

Background

In 1996, Congress enacted the FFMIA (Public Law 104-208). FFMIA is intended to improve Federal financial management by ensuring that Federal financial management systems provide reliable, consistent disclosure of financial data in accordance with generally accepted accounting principles and standards. FFMIA requires each agency to implement and maintain systems that comply substantially with (1) Federal accounting standards, (2) the SGL at the transaction level, and (3) Federal financial management systems requirements. FFMIA also requires that agencies determine, in coordination with the Independent Auditor’s Report, whether their systems substantially comply with FFMIA. Agencies that determine that their financial systems do not substantially comply are required to develop a remediation plan and submit the plan to the Office of Management and Budget (OMB).

On January 4, 2001, OMB issued Revised Implementation Guidance for the Federal Financial Management Improvement Act. In doing so, OMB established an overall "litmus" test of FFMIA compliance.

Agencies that can:

  • Prepare financial statements and other required financial and budget reports using information generated by the financial management system(s);
  • Provide reliable and timely financial information for managing current operations;
  • Account for their assets reliably, so that they can be properly protected from loss, misappropriation, or destruction; and
  • Do all of the above in a way that is consistent with Federal accounting standards and the Standard General Ledger

are substantially compliant with FFMIA.

III. Fiscal Years 2000 and 2001 Results

State continued to maintain substantial compliance with two of the three components of FFMIA – Federal accounting standards and the SGL at the transaction level. However, the audit of State’s FY 2000 Financial Statements issued by the Office of Inspector General and concurred with by State management, while free of material misstatements, found that State’s financial management systems were not in substantial compliance with applicable Federal financial management system requirements. To be in substantial compliance with this requirement, OMB implementation guidance indicates that State must substantially:

  1. meet Circular A-127 requirements, including the requirement to support management’s fiduciary role by providing complete, reliable, consistent, timely and useful financial management information,
  2. follow JFMIP’s Federal Financial Management Systems Requirements calling for core financial management systems to support program and financial managers and be able to provide financial information to support internal and external reporting requirements, and
  3. comply with Circular A-130, Appendix III, requiring an adequate level of security to assure systems operate effectively, with appropriate safeguards, and plans to assure continuity of operations.

State recognizes the significance of this substantial noncompliance and made considerable progress during FYs 2000 and 2001 to correct these problems., presents a matrix of the projects identified by State to achieve substantial compliance, the areas of substantial non-compliance they address, their planned completion date, and estimated resources. Presented below is a brief description of those projects included in Figure 1 that have been completed. The Items are presented by area of substantial non-compliance that they address.

Figure 1: Projects Addressing FFMIA System Substantial Non-Compliances



Back to Top
Sign-in

Do you already have an account on one of these sites? Click the logo to sign in and create your own customized State Department page. Want to learn more? Check out our FAQ!

OpenID is a service that allows you to sign in to many different websites using a single identity. Find out more about OpenID and how to get an OpenID-enabled account.