Federal Bureau of Prisons Annual Financial Statement
Fiscal Year 2005

Audit Report 06-19
March 2006
Office of the Inspector General

Commentary and Summary

This audit report contains the financial statements of the Federal Bureau of Prisons (BOP) for the fiscal years ended September 30, 2005, and September 30, 2004. Under the direction of the Office of the Inspector General (OIG), PricewaterhouseCoopers LLP (PwC) performed the audit, which resulted in an unqualified opinion on the FY 2005 financial statements. An unqualified opinion means that the financial statements present fairly, in all material respects, the financial position and results of operations of the entity. The FY 2004 audit also resulted in an unqualified opinion (OIG Report No. 05 11).

PwC also issued reports on internal control and on compliance and other matters. The auditors identified one reportable condition in the Report of Independent Auditors on Internal Control, which has been reported since the FY 2002 annual financial statement audit. The reportable condition noted that improvements were needed in the BOPís information system controls environment. Specifically, weaknesses were found in the BOPís information security program, access control procedures, and system change control procedures. The auditors also noted improvements were needed in the Department of Justice consolidated information system general controls environment and logical access controls of the Justice Management Divisionís Financial Management Information System (FMIS2) used by BOP as its accounting system. No issues were identified in the Report of Independent Auditors on Compliance and Other Matters.

The OIG reviewed PwCís report and related documentation and inquired of its representatives. Our review, as differentiated from an audit in accordance with U.S. generally accepted government auditing standards, was not intended to enable us to express, and we do not express, an opinion on the BOPís financial statements, conclusions about the effectiveness of internal control, or conclusions on compliance with laws and regulations. PwC is responsible for the attached auditorís reports dated October 31, 2005, and the conclusions expressed in the reports. However, our review disclosed no instances where PwC did not comply, in all material respects, with generally accepted government auditing standards.