In accordance with Government Auditing Standards, we audited the FBI's implementation of OIG recommendations related to information technology. In connection with the audit, we reviewed management processes and records to obtain reasonable assurance about the FBI's compliance with laws and regulations that if not complied with, could in our judgment, have a material effect on FBI operations. Compliance with laws and regulations applicable to the FBI's management of IT investments is the responsibility of the FBI's management.

Our audit included examining, on a test basis, evidence about laws and regulations. The specific laws and regulations against which we conducted our tests are contained in the relevant portions of:

• the OMB Circular A-50; and

• the DOJ Order 2900.6A.

Our audit identified areas where the FBI was not in compliance with the laws and regulations referred to above. With respect to those transactions not tested, nothing came to our attention that caused us to believe that FBI management was not in compliance with the laws and regulations cited above.