Return to the USDOJ/OIG Home Page

The Federal Bureau of Prisons'
Control Over Weapons and Laptop Computers

Report No. 02-30
August 2002
Office of the Inspector General


APPENDIX I

AUDIT OBJECTIVES, SCOPE, AND METHODOLOGY

The objectives of the audit were to review the BOPís:† (1) action taken in response to the identification of lost or stolen weapons and laptop computers, and (2) management controls for these types of equipment.†† We performed our audit in accordance with Government Auditing Standards issued by the Comptroller General of the United States and, accordingly, included such tests of the records and procedures that we considered necessary.†

We obtained an understanding of the control environment for weapons and laptop computers from the Property Management Section at the BOP Central Office.† We performed on-site audit work between August 2001 and December 2001 at the following locations:

Bureau of Prisons Central Office
Washington, DC

Federal Correctional Institution Texarkana
Texarkana, TX

United States Penitentiary Lewisburg
Lewisburg, PA

Bureau of Prisons Northeast Regional Office
Philadelphia, PA

Federal Law Enforcement Training Center
Bureau of Prisons Staff Training Academy/Glynco
Glynco, GA

To examine the BOPís action regarding the identification of lost and stolen weapons and laptop computers, we obtained from the Department Security Officer the semiannual theft report submissions as well as additional supporting documents from the BOP Program Security Officer for such losses occurring from October 1, 1999, through June 30, 2001.† In addition, we obtained information from the BOP OIA regarding weapons lost during that same period.† For weapons, we also queried NCIC in November 2001 to determine if the loss had been reported and if the weapon had been subsequently recovered.† We also queried the National Tracing Center maintained by the ATF for further indication of weapon recoveries through subsequent law enforcement activity.

For laptop computers, our objective was to determine if the loss resulted in the compromise of classified or sensitive information, which if divulged could lead to public harm.† This information is based upon the assertions provided; we could not independently verify the sensitivity of the information due to the loss of the machines.

Our audit work included:† (1) reviewing applicable laws, policies, regulations, manuals, and memoranda; (2) interviewing responsible personnel; (3) testing management controls; (4) reviewing property and accounting records (with emphasis on activity since October 1, 1999); and (5) physically inspecting property.† Our tests were performed in the following control areas as they pertained to weapons and laptop computers:

We tested these controls through a judgmental sample from the 20,594 weapons and 2,690 laptop computers reported in the SPMS as of August 27, 2001.† In total, we reviewed 443 items - 206 weapons and 237 laptop computers.† The universe, from which these samples were taken, by location, is detailed in Appendix IV, Table 1.† Our tests included sampling:

The samples described above are delineated by test, property type, and location, in Appendix IV, Tables 3 and 4.† We also reviewed the documentation related to BOP personnel separated between October 1, 1999, and the dates of our site visits to determine if all laptop computers were returned.† Moreover, we reviewed disposal actions initiated between October 1, 1999, and August 27, 2001, to ensure these actions were adequately supported.