Review of the United States Marshals Service's Prisoner Tracking System
Report No. 04-29
Office of the Inspector General
The weaknesses identified in our review of select general controls included problems with entity-wide security planning and management. We found that the USMS has not appointed a security manager for PTS and the organization did not ensure that employees receive specialized PTS training either before accessing the system or within a reasonable period thereafter. Weaknesses with segregation of duties occurred because the USMS has not developed and implemented formal operating policies and procedures to guide users in the performance of their duties. Furthermore, the organization has not developed policies to segregate incompatible duties.
We also found that PTS users were not familiar with the USMS's application software development and change control procedures and that the USMS is using outdated programming and database management software to support the PTS, a mission-critical application. We determined that access controls were inadequate because the PTS authorized user list was not properly maintained and physical access controls designed to protect data terminals that process sensitive PTS information were not enforced.
Our review of the PTS's application controls disclosed that controls to properly authorize data and validate transactions were deficient. Specifically, we found that the USMS had not established proper authorization controls or standards for key source documents used to create prisoner records in the PTS. Additionally, supervisory reviews of source documents and transactions were not being performed on a consistent basis to mitigate this condition. We also discovered that audit logs used to recreate events and track user activity were not being kept. Problems with accuracy controls included weaknesses with erroneous data not being collected or reported back to management for investigation or correction. Furthermore, the USMS failed to control system output reports by allowing authorized PTS users to share printers with non-authorized USMS employees.
Deficiencies with completeness controls involved the USMS's failure to enforce its own policy that dictates that a prisoner may not have more than one USMS prisoner number. To complicate matters, the current PTS configuration does not provide for universal computer sequence checking to prevent the assignment of multiple USMS numbers to the same prisoner. In addition, we found that the application did not consistently enforce controls over integrity of processing and data files. We observed that the system allowed concurrent file updates when two users were able to update the same prisoner record at the same time.
Problems were identified with data integrity for the PTS application during our review of prisoner records for completeness and in our checks for accuracy of information contained in system output. We found that prisoner file folders were missing key source documents critical to the record creation process and that the proper documentation needed to substantiate actions taken by USMS personnel was not maintained in the folders.
We consider our findings in the areas of select general controls, application controls, and data integrity to be major weaknesses that pose a high risk to the protection of its data from unauthorized use, loss, or modification. We conclude that the weaknesses with select general controls and application controls occurred because the USMS did not enforce its own policies and did not comply with the Department's policies and procedures, NIST standards, and OMB guidelines. We further conclude that the deficiencies with data integrity occurred because the USMS did not develop and implement formal policies and procedures to guide users in the performance of critical duties, such as creating and updating prisoner records in the PTS. As a result, we found errors and omissions on system output reports that we attributed to the lack of sufficient training and inconsistent practices.
The USMS's reliance on the data within the PTS with inaccurate information could result in over expenditures for reimbursable contracts with private jail facilities. Additionally, the untimely release of a prisoner or the misidentification of a prisoner requiring segregation or protection within the prisoner population also could occur. If not corrected, these weaknesses could impair the USMS's ability to ensure the integrity, confidentiality, and availability of data contained within the PTS.