All Reports

We reviewed the effectiveness of PBGC’s governance of internal control, with emphasis on the entity-wide risk assessment and resulting impact on PBGC’s internal control testing according to applicable laws, regulations and guidance. We found information and communication within PBGC’s internal control framework could be improved if the Internal Control Committee’s responsibilities were clarified and fulfilled. We further found that opportunities exist to improve PBGC’s process for conducting risk assessments and using the results.

As required by the IPIA, as amended, we reviewed PBGC's compliance with IPIA’s requirements. The Corporation has taken action to comply with all applicable requirements established in OMB Circular A-123, Appendix C. We concur with PBGC's assessment that payments to Benefit Payments and Premium Refunds were not susceptible to significant improper payments. In addition, we found areas of opportunity for PBGC to improve their payment recapture audit program.

During the audit, our independent public accountant, CliftonLarsonAllen LLP, identified certain matters related to PBGC's internal control and operations that while significant were not of sufficient magnitude to impact the financial statement opinion and were not included in the report on internal control dated November 13, 2015 (AUD-2016-3/ FA-15-108-3). This management letter summarizes CliftonLarsonAllen's findings and recommendations regarding these matters and includes the status of prior years' management letter recommendations.

This narrative report is a follow-up to our FY 2015 Federal Information Security Modernization Act (FISMA submission) to OMB FA-15-108-4 to provide findings and recommendations related to PBGC's information security program.PBGC made significant progress in addressing the security weaknesses noted in prior years. Prior year information security material weaknesses have been downgraded to significant deficiencies in the FY 2015 financial statement internal control report; however, much work remains to continue progress in correcting these deficiencies.

During the financial statement audit, we assessed the PBGC information security infrastructure for technical weaknesses in PBGC’s computer systems that may allow employees or outsiders to cause harm to, and/or impact, PBGC’s business processes and information. Critical and High severity vulnerabilities increased from prior years. Moreover, the agency must better prepare for end‐of‐service‐life transition. This report includes six recommendations.

The Office of Inspector General issued the audit of PBGC's Financial Statement Closing Package for Fiscal Year 2015 and 2014.The financial statements and accompanying notes contained in the closing package were prepared for the purpose of complying with the requirements of the U.S. Department of the Treasury's Financial Manual (TFM) Volume I, Part 2, Chapter 4700 solely for the purpose of providing financial information to the U.S. Department of the Treasury and U.S. Government Accountability Office to use in preparing and auditing the Financial Report of the U.S.

We contracted with CliftonLarsonAllen LLP, an independent public accounting firm, to perform an evaluation and review of PBGC’s information and technology (IT) security required by the Federal Information Security Management Act (FISMA). PBGC has made progress in addressing conditions reported in previous years. Please see OIG’s Report on Internal Controls Related to the Pension Benefit Guaranty Corporation's Fiscal Year 2015 and 2014 Financial Statements Audit.

The Office of Inspector General issued an audit of the internal controls over financial operations for the Single-Employer and Multiemployer Program Funds administered by the Pension Benefit Guaranty Corporation (PBGC).This report provides a more detailed discussion of the specifics underlying the adverse opinion on internal control over financial reporting reported in the internal control section of the combined Independent Auditor's Report dated November 13, 2015 (AUD-2016-2/FA-15-108-2).