-

 



U.S. DEPARTMENT OF LABOR
Employment and Training Administration
Washington, D. C. 20210

CLASSIFICATION

UI/Risk Analysis

CORRESPONDENCE SYMBOL

TEUM

ISSUE DATE

March 25, 1985

RESCISSIONS

 

EXPIRATION DATE

September 30, 1988

DIRECTIVE

:

UNEMPLOYMENT INSURANCE PROGRAM LETTER NO. 42-87

 

TO

:

ALL STATE EMPLOYMENT SECURITY AGENCIES

 

FROM

:

DONALD J. KULICK
Administrator
for Regional Management

 

SUBJECT

:

State Employment Security Agency (SESA) Internal Security Risk Analysis Technical Assistance Guide

 

  1. Purpose. To transmit reissued Documents A-E and a new Section of the Risk Analysis Technical Assistance Guide entitled "Risk Analysis Technical Assistance Guide - Vulnerabilities and Safeguard" (Document F).

  2. References. ET Handbook No. 376; UI Risk Analysis Guidance Documents distributed to SESAs in June 1982; and UIPL NO. 34-87.

  3. Background. Internal security and control in SESA administration of Unemployment Insurance (UI) program operations continues to be important in the area of payment control. One of the first steps taken to address the area of internal security was the issuance of ET Handbook NO. 376 in November 1978.

    Subsequent to the distribution of the ET Handbook, guidance has been issued to the SESAs regarding strengthening internal controls in the UI program, most recently in UIPL No. 34-87.

    SESAs need to continue to strengthen the UI internal security program by establishing sound internal security systems and internal controls and should, through UI risk analyses, continue to review the susceptibility of the UI program to loss by fraud, waste, abuse or unauthorized use. A UI risk analysis is a major task that should be conducted at least once every three years or when major system changes occur.

    In June 1982, with contractor assistance, Risk Analysis Guidance Documents were developed and distributed to all SESAs. Training on the use of the methodology, forms and appendices was offered in seminars conducted at that time for SESA Internal Security Unit staff.

  4. New Section of the Risk Analysis Technical Assistance Guide Entitled "Vulnerabilities and Safeguards". Drawing upon their expertise and experience in assisting SESAs in conducting risk analyses, EDP Audit Controls, Inc. has updated the original Risk Analysis Documents by adding a new document entitled "Vulnerabilities and Safeguard", making the documents more SESA UI specific.

    The Risk Analysis Documents previously furnished to all SESAs and provided here as Technical Assistance Guide Documents A-E, as well as the new Document F and the methodology contained therein, are intended to be used solely as a technical assistance guide at the SESA's discretion in the conduct of risk analyses. Such risk analyses may be completed as a separate review or as a part of an overall audit of agency operations, as established in OMB Circular No. A-128.

    Documents A-F are included with this transmittal.

  5. Action Required. SESA Administrators should ensure that the Risk Analysis Technical Assistance Guide Documents A-F are distributed to the appropriate staff.

  6. Inquiries. Refer all questions to the appropriate Regional Office.

  7. Attachment. Internal Security Risk Analysis Technical Assistance Guide