SEC Audit Failure Will Raise the Bar for Government Agencies



  Free preview of Gartner research


The U.S. Securities and Exchange Commission (SEC) has failed an internal audit of its financial controls. This will increase congressional scrutiny of other government agencies.

News Analysis


On 26 May 2005, the U.S. General Accounting Office (GAO) announced the results of an audit showing that the SEC "did not maintain effective internal control over financial reporting." The GAO audit, which is available online at , found "material weaknesses" in the SEC's internal controls, including general IT controls. The GAO announcement closely follows the release of an SEC staff report on the implications of the Sarbanes-Oxley Act ( ), which sets standards for financial reporting.


Only 0.3 percent of U.S.-based companies currently report material weaknesses in IT controls through Sarbanes-Oxley, so the fact that the SEC — the body responsible for regulating the U.S. securities industry — has difficulties in this area is highly significant for government CIOs. The recent SEC staff report on Sarbanes-Oxley contains specific information and recommendations on IT controls, including an acknowledgment that COBIT (Control Objectives for Information and Related Technology) is an appropriate standard for IT controls.

Many industry observers will find the temptation to cast stones at the regulators irresistible. But it is important to remember that under the Tax Accountability Act of 2002, only independent federal agencies such as the SEC are required to undergo an independent audit of internal controls. Most federal government organizations fall under Office of Management and Budget (OMB) Circular No. A-123, "Internal Control Systems," which implements the Chief Financial Officers Act and calls for "self-assessment" of internal controls. The SEC audit will raise congressional awareness of weaknesses in the Chief Financial Officers Act.

Recommendations for U.S. government CIOs and chief financial officers: Prepare for more intense scrutiny of internal controls from congressional oversight committees, the GAO and the OMB.

Analytical Sources: French Caldwell, Gartner Research

Recommended Reading and Related Research

(You may need to sign in or be a Gartner client to access the documents referenced in this First Take.)

© 2005 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Contact us online



Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more