Of the 93 recommendations made in a previous report, the U.S. Army Corps of Engineers (CORPs) had completed action on 54 and partially completed or had action plans to correct the remaining 39. The Corps also corrected nine newly identified weaknesses. Continuing and newly identified vulnerabilities involving general and application computer controls continue to impair the ability to ensure reliability, confidentiality, and availability of financial and sensitive data. Such vulnerabilities also increase risks to other Department of Defense networks and systems to which the Corps’ network is linked. Weaknesses in general controls impaired the Corps’ ability to ensure that computer risks are adequately assessed; users have only the access needed to perform their duties; system software changes are properly documented before being placed in operation; and test plans for application changes are formally documented. Application control weaknesses impaired the Corps’ ability to ensure that current and accurate Corps of Engineers Financial Management System (CEFMS) authorizations are maintained; user manuals reflect the current CEFMS environment; and the Corps is effectively using electronic signature capabilities. Authentication controls were not effective to provide reasonable assurance that users’ electronic signatures are valid. Recommendations to help strengthen and improve general and application controls include instructing the chief information officer and the deputy chief of staff for resource management to implement corrective actions to resolve the general and application computer control weaknesses identified in the March 15, 2002, “Limited Official Use Only” report. 2 tables, 13 footnotes, 1 appendix