The Securities and Exchange Commission has not implemented effective information system controls to protect sensitive data according to a searing report from the Government Accountability Office. As part of its 2004 audit of the SEC's financials, the GAO assessed the effectiveness of the regulator's controls within its information systems -- the barriers that protect the confidentiality and availability of sensitive financial data. The auditor general found that the commission had not implemented "with any consistency," electronic access controls including user accounts, passwords and network security. Additionally, the GAO unearthed weaknesses in other information system controls including physical security and segregation of computer functions. As a result, sensitive data such as payroll, personal information and financial transactions, were at risk for unauthorized access or disclosure. The office recommended that the SEC chair William Donaldson direct his CIO to bolster its agency-wide security program. The SEC said that "significant progress" was already being made to address the failings.
-
The Internal Revenue Service's criminal investigators have been on the lookout for tax evasion by businesses that don't pay employment taxes.
April 19 -
The Internal Revenue Service previewed a draft form for crypto brokers for reporting on the proceeds of digital asset transactions to their customers.
April 19 -
Seventeen percent of comment forms in 2021 and 2022 contained auditor evaluation deficiencies, according to the PCAOB.
April 19 -
KPMG enters $1.1 million partnership with Women's Health Access Matters; UHY releases nonprofit trends report; and more news from across the profession.
April 19 -
Plus, LeaseCrunch announces webinar on lease changes and remeasurements; and other accounting technology updates.
April 19 -
While still a minority in the accounting world, remote partners offer unique benefits amid talent shortages.
April 19