Audit Reports

-A A +A
skip-to-content

Quality Control Review of the Controls over DOT’s Enterprise Services Center

Required by the Office of Management and Budget’s Bulletin No. 08-24, Audit Requirements for Federal Financial Statements
Project ID: 
QC2017074
This report presents the results of our quality control review (QCR) of KPMG LLP’s report on the Enterprise Service Center’s (ESC) description of its system and the suitability of the controls’ design and operating effectiveness. KPMG conducted its attestation engagement in accordance with the American Institute of Certified Public Accountants’ Statement on Standards for Attestation Engagements Number 18, Office of Management and Budget (OMB) requirements, and generally accepted Government auditing standards. OMB requires ESC, as a management services provider, to either provide its user organizations with independent audit reports on the design and effectiveness of its internal controls, or allow user auditors to perform tests of its controls. To meet this requirement for the period of October 1, 2016, through June 30, 2017, we contracted with KPMG.
 
KPMG found that: (1) ESC’s description of its controls fairly presents the system that was designed and implemented throughout the period of October 1, 2016, through June 30, 2017; (2) the controls related to the control objectives stated in the description were suitably designed to provide reasonable assurance that the control objectives would be achieved if the controls operated effectively throughout the period of October 1, 2016, through June 30, 2017, and user entities applied the complementary controls assumed in the design of ESC’s controls throughout the period October 1, 2016, through June 30, 2017; and (3) the controls operated effectively to provide reasonable assurance that the control objectives stated in the description were achieved throughout the period October 1, 2016, through June 30, 2017, if complementary user entity controls, assumed in the design of ESC’s controls, operated effectively throughout the period October 1, 2016, through June 30, 2017. Our QCR disclosed no instances in which KPMG did not comply, in all material respects, with generally accepted Government auditing standards.
 
The quality control review and attachments have been marked as For Official Use Only to protect sensitive information exempt from public disclosure under the Freedom of Information Act, 5 U.S.C. § 552. To receive a copy of the report, please contact our Freedom of Information Act Office.

Recommendations

Open

Closed

Closed on 12.06.2017
Sensitive
No. 1 to OST

Sensitive information redacted

Closed on 12.06.2017
Sensitive
No. 2 to OST

Sensitive information redacted

Closed on 09.11.2017
Sensitive
No. 3 to OST

Sensitive information redacted

Closed on 09.11.2017
Sensitive
No. 4 to OST

Sensitive information redacted

Closed on 11.26.2018
Sensitive
No. 5 to OST

Sensitive information redacted

Closed on 09.11.2017
Sensitive
No. 6 to OST

Sensitive information redacted

Closed on 11.26.2018
Sensitive
No. 7 to OST

Sensitive information redacted

Closed on 03.29.2019
Sensitive
No. 8 to OST

Sensitive information redacted

Closed on 11.26.2018
Sensitive
No. 9 to OST

Sensitive information redacted

Closed on 09.12.2017
Sensitive
No. 10 to OST

Sensitive information redacted

Closed on 11.26.2018
Sensitive
No. 11 to OST

Sensitive information redacted

Closed on 11.26.2018
Sensitive
No. 12 to OST

Sensitive information redacted