The Drug Enforcement Administrationís Control Over Weapons and Laptop Computers Follow-Up Audit

Audit Report 08-21
March 2008
Office of the Inspector General

Appendix I
Objectives, Scope, and Methodology


We conducted this follow-up audit of the DEA’s control over weapons and laptop computers. The purpose of the follow-up audit was to assess whether adequate corrective action had been taken on findings and 22 recommendations in the August 2002 audit report. Those recommendations stated that the DEA should:

  1. reiterate to all DEA employees the guidelines for the security, safety, and storage of weapons as outlined in the DEA firearms policy;

  2. reiterate to all DEA employees the policy for reporting losses of DEA property as outlined in the DEA firearms policy;

  3. provide semiannual Department Theft Reports for the reporting periods from July 1 to December 31, 1999, and January 1 to December 31, 2000;

  4. ensure the timely and complete submission of future semiannual Department theft reports;

  5. ensure that the lost, missing, or stolen weapons are promptly entered into the NCIC;

  6. ensure that appropriate action is taken on laptop computers that are subsequently determined to be lost, stolen, or missing as a result of the reconciliation of the property inventory;

  7. ensure that a perpetual list of lost, stolen, or missing laptop computers is maintained and that notifications and investigative procedures are performed;

  8. develop internal controls, operating manuals, audit trails, and system requirements appropriate to ensure the reliability of inventory data in the weapons database;

  9. ensure that a valid inventory is available to all Property Custodial Assistants based on the completed reconciliation of the Fixed Asset Subsystem inventory records to correct the problems created from the conversion the old M-204 system;

  10. integrate the DEA’s financial system with the property management systems so that the inventory is routinely updated in a timely manner when a weapon or laptop computer is purchased;

  11. ensure that all purchases are entered in a timely manner into the Fixed Asset Subsystem inventory;

  12. ensure that employees who receive shipments of weapons do not have access to the weapons database;

  13. record in the Fixed Asset Subsystem the names of the individuals who are accountable for laptop computers instead of the Property Custodial Assistants;

  14. ensure Property Custodial Assistants maintain adequate property records to show current assignment of laptop computers;

  15. ensure that field division level Property Custodial Assistants are advised in a timely manner by DEA headquarters of purchases and transfers of property items that pertain to their division;

  16. ensure that hand receipts for transfers are used throughout the DEA;

  17. ensure that details such as property descriptions, DEA property numbers, and weapon serial numbers are included on Employee Clearance Records;

  18. ensure that updates to the property system are made in a timely manner;

  19. ensure that the physical inventory of weapons is performed annually as required by DEA headquarters;

  20. segregate the duties of staff who take physical inventories, perform reconciliations, and modify the property management system;

  21. ensure that inventories are validated as required for each unit within DEA headquarters; and

  22. ensure that confirmations from law enforcement entities are received and forwarded to the Firearms Training Unit when weapons are excessed.

Overall, the DEA agreed with these recommendations and stated that it had taken steps to address them. As of April 20, 2005, all recommendations had been closed.

We performed the follow-up audit in accordance with the Government Auditing Standards and included such tests of the records and procedures that we considered necessary. Our testing covered the period between January 1, 2002, and June 30, 2007.

We obtained an understanding of the control environment for weapons from DEA management at the Firearms Training Unit located in Quantico, Virginia, which is responsible for the overall management of the weapon property system for all DEA weapons. We obtained an understanding of the control environment for DEA laptop computers from the Property Management Unit located at DEA headquarters. We performed on-site audit work between May 2007 and July 2007 at DEA headquarters’ offices and the Firearms Training Unit. We conducted on‑site audit work between July 2007 and August 2007 at the DEA field division offices in Chicago, Illinois; Denver, Colorado; Houston, Texas; Los Angeles, California; Miami, Florida; and New York, New York.

To examine the DEA’s efforts to identify lost and stolen weapons and laptop computers, we obtained a list of all such losses that occurred since January 1, 2002, and reviewed the available files and the circumstances surrounding those losses. We also obtained DOJ Semiannual Reports of lost or stolen property that were submitted to the DOJ Security Officer. For lost or stolen weapons, we queried NCIC to determine if information on the lost property was entered in the NCIC database.

In addition to the testing detailed above, we: (1) reviewed applicable laws, policies, regulations, manuals, and memoranda; (2) interviewed appropriate personnel; (3) tested internal controls; (4) reviewed property and accounting records (with an emphasis on activity since January 1, 2002); and (5) physically inspected property. We tested internal controls pertaining to weapons and laptop computers in the following areas:

We tested these controls through a sample from the DEA’s 14,449 weapons and 7,381 laptop computers reported in the corresponding inventory records as of April 2007. In total, we reviewed 7,306 items, including 4,299 weapons and 3,007 laptop computers. Details about the universe from which these samples were taken and about the samples themselves may be found in Appendix VIII. Our tests also included the following:

We also reviewed the documentation at field site locations where we conducted our sample testing to determine if all weapons and laptop computers were returned. Moreover, we reviewed disposal actions initiated between January 1, 2002, and February 28, 2007, to ensure these actions were adequately supported.

« Previous Table of Contents Next »