BILL ANALYSIS ��
AB 661
Page 1
Date of Hearing: April 3, 2013
ASSEMBLY COMMITTEE ON ACCOUNTABILITY AND ADMINISTRATIVE REVIEW
Jim Frazier, Chair
AB 661 (Beth Gaines) - As Amended: March 18, 2013
SUBJECT : State Government: FISMA
SUMMARY : Adds posting, reporting, and guidance requirements
under the Financial Integrity and State Manager's Accountability
Act of 1983 (FISMA) and sets consequences for noncompliance.
Specifically, this bill :
1)Requires posting the biennial internal review reports (FISMA
reports) on the agency's systems of internal accounting,
administrative control, and monitoring practices on the
agency's web site within 5 days of finalization.
2)Requires the head of the agency to sign off on the FISMA
reports under penalty of perjury.
3)Suspends the head of the agency without pay if the reports are
not submitted within 30 days of their due dates. The
suspension would end after the agency complies.
4)Requires the agency's head of internal audits or designated
internal control person who has reasonable cause to believe
false or misleading information was provided during the
preparation of the FISMA report to notify the Department of
Finance and Joint Legislative Audit Committee in writing of
this concern.
5)Requires the Director of the Department of Finance, when
providing agencies with guidance about conducting FISMA
reports, to specify that the framework shall include auditing
of the agency's assets, liabilities, revenues, and
expenditures, as well as reconciliation of accounting and
budget documents reported to the Department of Finance and the
Office of the Controller.
EXISTING LAW : FISMA requires state agencies to maintain
effective systems of internal accounting and administrative
controls as an integral part of its management practices. In
each odd-numbered year, agencies must prepare a FISMA report on
the adequacy of the agency's systems of internal accounting,
administrative control, and monitoring practices in accordance
with the guidance prepared by the director of Finance.
FISCAL EFFECT : Unknown
�
AB 661
Page 2
COMMENTS : State agencies are required to submit FISMA reports
to the Legislature, State Auditor, Controller, Treasurer,
Attorney General, Governor, Director of Finance, and State
Library every other year. These reports are created by the
agency's internal auditor or designated internal control person
to review systems of internal accounting, administrative
control, and monitoring practices.
The reports are required to present material inadequacies or
material weaknesses in agencies' systems of internal controls.
In addition to identifying concerns, they include responses from
the agencies about issues discovered during the reviews.
The author presented this bill in response to recent scandals
related to state agencies' finances. According to the author's
background information, "over many years FISMA reports were
filed and no one spotted these clearly illegal misuses of state
funds."
This bill would require a posting of FISMA reports on agency web
sites within days of their completion. Such postings are not
required. However, Finance's February 2013 audit memo that
provides guidance related to FISMA reporting encourages agencies
to post their most recent FISMA reports on their websites. While
some agencies have posted FISMA reports online, it appears as
though most have not posted these reports.
The bill requires agency heads to sign off on FISMA reports
under penalty of perjury. Additionally, it sets consequences if
the FISMA reports are not submitted on time. Specifically, the
head of the agency would be suspended without pay if reports
were not submitted within 30 days of their due dates. The
suspension would end when the agency complied.
Currently, if an agency does not comply with FISMA, the agency's
program budget manager at Finance is notified; the agency is
included in a list that is posted on Finance's website of
departments that are out of compliance; and the Office of State
Audits and Evaluations will work with Finance and the agency to
ensure the agency complies with FISMA in the next reporting
cycle.
In addition to changing the consequences for FISMA reporting
noncompliance, this bill directs Finance to specify that the
�
AB 661
Page 3
FISMA report framework shall include auditing of the agency's
assets, liabilities, revenues, and expenditures, as well as
reconciliation of accounting and budget documents reported to
the Department of Finance and the Office of the Controller.
These changes would significantly alter FISMA reports and
increase the work necessary to complete them. Finance's
"Required FISMA Report Components" document states what elements
of the report are required. Required elements include an
introduction, background, risk assessment, evaluation of risks
and controls, vacant positions, and conclusion. A key aim of
this report is to identify risks as well as ways to resolve or
mitigate them.
REGISTERED SUPPORT / OPPOSITION :
Support
None on File
Opposition
None on File
Analysis Prepared by : Scott Herbstman / A. & A.R. / (916)
319-3600