Despite financial audits, SSAE 16 reviews, and FISMA evaluation programs, the risk of loss of critical and sensitive program data to hackers is higher than ever. This session will discuss whether the scope of financial audits and other reviews can be enhanced to better identify agency vulnerabilities.