Summary

This report presents the results of our quality control review (QCR) of KPMG LLP’s report on the Enterprise Service Center’s (ESC) description of its controls system and the suitability of the controls’ design and operating effectiveness. KPMG conducted its attestation engagement in accordance with the American Institute of Certified Public Accountants’ Statement on Standards for Attestation Engagements Number 16, and Office of Management and Budget (OMB) requirements, and generally accepted Government auditing standards. OMB requires ESC, as a management services provider, to either provide its user organizations with independent audit reports on the design and effectiveness of its internal controls, or allow user auditors to perform tests of its controls. To meet this requirement for the period of October 1, 2015 through June 30, 2016, we contracted with KPMG.

KPMG found that: (1) in all material respects, from October 1, 2015, through June 30, 2016, ESC’s description of controls fairly presented ESC’s implemented system; (2) the controls were suitably designed to provide reasonable assurance that their objectives would be achieved if they operated effectively throughout the period; and (3) the controls tested, which were those necessary to provide reasonable assurance that the control objectives were achieved, operated effectively throughout the period. Our QCR disclosed no instances in which KPMG did not comply, in all material respects, with generally accepted Government auditing standards.

The quality control review and attachments have been marked as For Official Use Only to protect sensitive information exempt from public disclosure under the Freedom of Information Act, 5 U.S.C. § 552. To receive a copy of the report, please contact our Freedom of Information Act Office.