Advanced Computing Environment / Upgrading The Infrastructure
The Advanced Computing Environment (ACE) is a comprehensive lifecycle management system that standardized hardware and software and allows for more efficient, centralized user support. ACE II upgrades are gradually replacing ACE units with hardware that offer more memory and improved logon times, and can be restored by the user if data or programs become impaired. Deployment began in 2007 and will continue for two years.
The Postal Service has implemented significant controls over its computer equipment and data. Policy places limitations on the use of non-postal devices to access the Postal Service Intranet or to store Postal Service information. Stricter guidelines that limit the assignment of laptop computers to employees have been issued.
The Postal Service upgraded its computing infrastructure by implementing 10,236 upgrades to the wide area network in 2007. In addition to these upgrades, 15,022 smaller facilities have had dial-up service upgraded to broadband.
The personal digital assistant (PDA) system continues to provide remote communications capability to postal employees, including Continuity of Operations team members, even when Postal Service facilities are without power or shut down. Starting in 2008, all 6,863 users nationwide will receive an updated PDA device that will dramatically cut costs by leveraging pooled cell minutes.
Enterprise Data Warehouse
The Enterprise Data Warehouse (EDW) began as a repository for key retail information and transactions and is today the integrated source of information on retail, financial and operational performance, serving thousands of users each day. Enhancements made in 2006 are now enabling greater cross-functional analysis. In 2008, the Postal Service will focus on methods to push critical information to decision-makers and generate exception reports and alerts, rather than standard status reports.
SECURITY AND EMERGENCY PREPAREDNESS
To prevent incidents and mitigate risks, area security personnel and postal inspectors conducted more than 9,000 security assessments and reviews at postal facilities nationwide. The reviews are designed to protect postal employees, customers, assets and reputation. The assessments range from reviewing compliance with procedures for building and vehicle security, handling accountable mail, and local enforcement of employee identification card requirements, to comprehensive security reviews which include detailed risk assessments. Additionally, inspectors conducted investigations into mail service and security. These Observations of Mail Condition (OMC) reviews were conducted at more than 594 mail processing and 1,158 customer service facilities (delivery units), primarily during the fall and Political Mail campaign seasons.
As part of a global counterfeit initiative, Postal Service investigators arrested 77 people, and intercepted counterfeit checks with a face value of $2.1 billion. The 8-month investigation stopped more than half a million counterfeit checks from being mailed to American victims from Nigeria, the Netherlands, England, and Canada. In addition, the amount of counterfeit Postal Service Money Orders was $45 million less in 2007 than the previous year, as reported by the Federal Reserve Bank. These efforts have played a significant role in keeping hard copy financial instruments in the mail, maintaining the Postal Service’s value as the trusted service for these transactions. The Postal Service, in collaboration with the Alliance for Consumer Fraud Awareness, launched a consumer education campaign with the aim of helping consumers recognize and protect themselves from the various frauds now targeting them.
Comprehensive emergency management plans have been developed and deployed to meet the requirements addressed within the National Incident Management System, the National Response Plan and Homeland Security Presidential Directives. National Preparedness provides an all hazards approach for prevention, preparedness, response, and recovery protective measures towards domestic terrorist attacks, major disasters and other emergencies.
The Postal Service participated in over 215 local and national emergency response tests to assess integration with other emergency response providers and to test local preparedness and Continuity of Operations Plans. Preparedness activities are designed to improve coordination among Postal Service functional areas, to minimize duplication of planning efforts, and to establish a standardized emergency management process within the Postal Service.
During 2007, 40 emergency responses were required due to hurricanes, floods, and other incidents. National Preparedness coordinated the deployment of support equipment and supplies, and assisted with damage assessments and recovery, including hazardous and toxic material removal.
As required by the Postal Act of 2006, the Postal Service must comply with Section 404 of the Sarbanes-Oxley Act (SOX) by the end of 2010. This requires management to report on Internal Controls over Financial Reporting (ICFR) annually and obtain an opinion regarding the effectiveness of ICFR from the Board of Governors’ external audit firm.
There are other sections of SOX in addition to Section 404 with which the Postal Service must comply because they are closely associated with Section 404. Section 302 requires CEO and CFO certification that the financial statements and other financial information included in the quarterly reports fairly present in all material respects the financial condition, results of operations, and cash flows of the Postal Service, and that they are responsible for establishing and maintaining disclosure controls and procedures, as well as Internal Controls for Financial Reporting.
To achieve its goal of compliance by 2010, the Postal Service is following best practices and guidance published by the Public Company Accounting Oversight Board (PCAOB), and the Securities and Exchange Commission (SEC). Accordingly, the Postal Service has established a top-down, risk-based approach to identifying, assessing and reporting internal controls impacting financial reporting. Further, the Postal Service will use the framework established by the Committee of Sponsoring Organizations (COSO), which is approved by the SEC and PCAOB, to assess the components of Postal Service internal control including Control Environment, Risk, Control Activities, Information and Communication, and Monitoring activities within the Postal Service.
The Postal Service achieved several key milestones in its SOX compliance program. These milestones include establishing the SOX Steering Committee and Program Management Office, and completing the Scoping and Planning phase of its compliance program in which it identified the systems and financial business processes that are anticipated to fall within the scope of its SOX efforts. It also targeted financial business processes for business process improvement opportunities. In 2008, the Postal Service will document in-scope processes and identify, evaluate and assess the key internal controls over financial reporting. Internal control design gaps will be noted and addressed, followed by testing and remediation, which will occur principally in 2009.