U.S. Department of State Fiscal Year 2020 Agency Financial Report

The Department’s assessment also relies upon evaluations and assurances under the Federal Managers’ Financial Integrity Act of 1982 (FMFIA), including assessments performed to meet the requirements of OMB Circular A-123 Appendix A. When applicable, particular importance is given to any reported material weakness and material non-conformance identified during these internal control assessments. The Department has made it a priority to meet the objectives of the FFMIA. In its Report on Compliance with Laws, Regulations, Contracts, and Grant Agreements, the Independent Auditor identified instances of substantial noncompliance with Federal financial management systems requirements. The Department acknowledges that the Independent Auditor has noted certain weaknesses in our financial management systems. OMB’s Appendix D provides a revised compliance model that entails a risk-and outcome-based approach to assess FFMIA compliance. In our assessments and evaluations, the Department identified similar weaknesses. However, applying the guidance and the assessment framework noted in Appendix D to OMB Circular A-123, the Department considers them deficiencies versus substantial non-conformances relative to substantial compliance with the requirements of the FFMIA. Nonetheless, the Department is committed to continuing to work to address all identified financial management system deficiencies. F ederal I nformation S ecurity M odernization A ct The Federal Information Security Modernization Act of 2014 (FISMA) requires Federal agencies to develop, document, and implement an agency-wide program to protect government information and information systems that support the operations and assets of the agency. FISMA authorized the Department of Homeland Security (DHS) to take a leadership and oversight role in this effort, created cyber breach notification requirements, and modified the scope of reportable information from primarily policies and financial information to specific information about threats, security incidents, and compliance with security requirements. The Department of State remains committed to adopting the best cybersecurity practices and embedding them into the F ederal F inancial M anagement I mprovement A ct The purpose of the Federal Financial Management Improvement Act of 1996 (FFMIA) is to advance Federal financial management by ensuring that Federal financial management systems generate timely, accurate, and useful information with which management can make informed decisions and to ensure accountability on an ongoing basis. OMB Circular A-123, Appendix D, Compliance with the Federal Financial Management Improvement Act of 1996 , provides guidance the Department used in determining compliance with FFMIA. The Department considered results of OIG and GAO audit reports, annual financial statement audits, and other relevant information. The Department’s annual Federal Information Security Modernization Act Report for 2020 was not available for review due to the Department being granted a 60 day deadline extension. T he Federal Financial Management Improvement Act of 1996 (FFMIA) requires agencies to implement and maintain financial management systems that are in substantial compliance with Federal financial management system requirements, Federal accounting standards, and the U.S. Standard General Ledger at the transaction level. The Department conducted its evaluation of financial management systems for compliance with FFMIA in accordance with OMB Circular A‐123, Appendix D. Based on the results of this assessment, the Department can provide reasonable assurance that its overall financial management systems substantially comply with principles, standards, and requirements prescribed by the FFMIA as of September 30, 2020. Michael R. Pompeo Secretary of State November 16, 2020 F ederal F inancial M anagement I mprovement A ct 36 | U ni ted S tates D epartment of S tate 2020 A gency F inanci al R eport MANAGEMENT’S DISCUSSION AND ANALYSIS | MANAGEMENT ASSURANCES AND OTHER LEGAL COMPLIANCES