Revisions to the Requirements for Authority To Manufacture and Distribute Postage Evidencing Systems, 56471-56472 [2010-23031]

Download as PDF Federal Register / Vol. 75, No. 179 / Thursday, September 16, 2010 / Rules and Regulations List of Subjects in 33 CFR Part 165 authorized by the Captain of the Port Pittsburgh. (2) Persons or vessels requiring entry into, departure from, or passage through a safety zone must request permission from the Captain of the Port Pittsburgh or a designated representative. They may be contacted on VHF–FM Channel 13 or 16, or through Coast Guard Sector Ohio Valley at 1–800–253–7465. (3) All persons and vessels shall comply with the instructions of the Captain of the Port Pittsburgh and designated on-scene U.S. Coast Guard patrol personnel. On-scene U.S. Coast Guard patrol personnel includes Commissioned, Warrant, and Petty Officers of the U.S. Coast Guard. Harbors, Marine safety, Navigation (water), Reporting and recordkeeping requirements, Security Measures, Waterways. Dated: August 16, 2010. S.T. Higman, Lieutenant Commander, U.S. Coast Guard, Acting, Captain of the Port Pittsburgh. For the reasons discussed in the preamble, the Coast Guard amends 33 CFR part 165 as follows: [FR Doc. 2010–23178 Filed 9–15–10; 8:45 am] PART 165—REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS. POSTAL SERVICE 1. The authority citation for part 165 continues to read as follows: Revisions to the Requirements for Authority To Manufacture and Distribute Postage Evidencing Systems (NEPA) (42 U.S.C. 4321–4370f), and have concluded this action is one of a category of actions that do not individually or cumulatively have a significant effect on the human environment. This rule is categorically excluded, under figure 2–1, paragraph (34)(g), of the Instruction. This rule involves establishing, disestablishing, or changing Regulated Navigation Areas and security or safety zones. An environmental analysis checklist and a categorical exclusion determination are available in the docket where indicated under ADDRESSES. ■ BILLING CODE 9110–04–P ■ Authority: 33 U.S.C. 1226, 1231; 46 U.S.C. Chapter 701, 3306, 3703; 50 U.S.C. 191, 195; 33 CFR 1.05–1(g), 6.04–1, 6.04–6, and 160.5; Pub. L. 107–295, 116 Stat. 2064; Department of Homeland Security Delegation No. 0170.1. 2. Add § 165.T08–0723 to read as follows: ■ erowe on DSK5CLS3C1PROD with RULES (a) Location. All waters of the Ohio River, from surface to bottom, from Mile Marker 90.2 to Mile Marker 90.5 on the Ohio River, extending the width of the river. These markings are based on the USACE’s Ohio River Navigation Charts (Chart 1, January 2000). (b) Effective period. This section is effective from 8:45 p.m. through 10:15 p.m. on September 18, 2010 (rain date September 19, 2010). (c) Periods of Enforcement. This section will be enforced from 8:45 p.m. through 10:15 p.m. on September 18, 2010 (rain date September 19, 2010). The Captain of the Port Pittsburgh or a designated representative will inform the public through broadcast notices to mariners of the enforcement period for the safety zone as well as any changes in the planned schedule. (d) Regulations. (1) In accordance with the general regulations in § 165.23 of this part, entry into this zone is prohibited unless 14:00 Sep 15, 2010 Jkt 220001 Postal ServiceTM. ACTION: Final rule. AGENCY: The Postal Service is revising its regulations to require that companies that manufacture and distribute postage evidencing systems (‘‘Company or Companies’’) engage a qualified, independent audit firm to perform an examination of and provide an opinion on the design and operating effectiveness of relevant internal control activities performed by the Companies as service providers to the Postal Service under the Statement on Auditing Standards (SAS) No. 70 (‘‘SAS 70’’). DATES: Effective Date: September 16, 2010. SUMMARY: § 165.T08–0723 Wheeling Heritage Port Sternwheel Foundation fireworks display, Ohio River, Pittsburgh, PA. VerDate Mar<15>2010 39 CFR Part 501 FOR FURTHER INFORMATION CONTACT: Marlo Kay Ivey, Marketing Specialist, Postage Technology Management, U.S. Postal Service, at 202–268–7613. SUPPLEMENTARY INFORMATION: Postage Evidencing Systems are devices or systems of components that a customer uses to print evidence that the prepaid postage required for mailing has been paid. They include, but are not limited to, postage meters and PC Postage systems. The Postal Service regulates these systems and their use in order to protect postal revenue. Only Postal PO 00000 Frm 00005 Fmt 4700 Sfmt 4700 56471 Service–authorized product service providers may design, produce, and distribute Postage Evidencing Systems. The Postal Service published a proposed rule in the Federal Register on June 1, 2010 at 73 FR 30309–30310 to amend the requirements for authority to manufacture and distribute postage evidencing systems. This revision clarifies the internal controls required in 39 CFR 501.15(i), Computerized Meter Resetting System, and 501.16(f), PC Postage Payment Methodology. The internal controls requirement was added as part of a final rule published in the Federal Register on November 9, 2006, at 71 FR 65732. Comments: Two comments were received from the Companies (that manufacture or distribute postage evidencing systems). The first was notification of intent to comply. The second requested that the proposed amendment be modified to allow a Company with qualified internal audit departments, which meets the independence requirements under the Standards for the Professional Practice of the Institute of Internal Auditors (‘‘IIA’’), to utilize its internal audit department to perform the internal controls examination in lieu of engaging an independent audit firm. The Postal Service gave thorough consideration to this comment. While the Postal Service recognizes the IIA as the authoritative body over internal audit activities, SAS 70 (Type II) examinations are subject to the American Institute of Certified Public Accountants (‘‘AICPA’’) professional standards, which impose more stringent independence requirements and a requirement that the examination be performed by a licensed CPA. Therefore, the Postal Service will not modify the proposed amendments as requested and will require the Companies to annually obtain an SAS 70 (Type II) examination of relevant internal controls by a qualified, independent, external audit firm. The Postal Service gave through consideration to the comments it received, and now announces the adoption of the final rule. List of Subjects in 39 CFR Part 501 Postal Service. ■ Accordingly, 39 CFR part 501 is amended as follows: PART 501—[AMENDED] 1. The authority citation for 39 CFR part 501 continues to read as follows: ■ Authority: 5 U.S.C. 552(a); 39 U.S.C. 101, 401, 403, 404, 410, 2601, 2605, Inspector General Act of 1978, as amended (Pub. L. 95– 452, as amended); 5 U.S.C. App. 3. E:\FR\FM\16SER1.SGM 16SER1 56472 Federal Register / Vol. 75, No. 179 / Thursday, September 16, 2010 / Rules and Regulations 2. Section 501.15 is amended by revising paragraph (i) to read as follows: ■ § 501.15 Computerized Meter Resetting System. erowe on DSK5CLS3C1PROD with RULES * * * * * (i) Security and Revenue Protection. To receive Postal Service approval to continue to operate systems in the CMRS environment, the RC must submit to a periodic examination of its CMRS system and any other applications and technology infrastructure that may have a material impact on Postal Service revenues, as determined by the Postal Service. The examination shall be performed by a qualified, independent audit firm and shall be conducted in accordance with the Statement on Auditing Standards (SAS) No. 70, Service Organizations, developed by the American Institute of Certified Public Accountants (AICPA), as amended or superseded. The examination shall include testing of the operating effectiveness of relevant RC internal controls (Type II SAS70 Report). If the service organization uses another service organization (sub-service provider), Postal Service Management should consider the nature and materiality of the transactions processed by the sub-service organization and the contribution of the sub-service organization’s processes and controls in the achievement of the Postal Service’s information processing objectives. The Postal Service should have access to the sub-service organization’s SAS 70 report. The control objectives to be covered by the SAS 70 report are subject to Postal Service review and approval and are to be provided to the Postal Service 30 days prior to the initiation of each examination period. As a result of the examination, the auditor shall provide the RC and the Postal Service with an opinion on the design and operating effectiveness of the RC’s internal controls related to the CMRS system and any other applications and technology infrastructure considered material to the services provided to the Postal Service by the RC. Such examinations are to be conducted on no less than an annual basis, and are to be as of and for the twelve months ended June 30 of each year (except for the period ending June 30, 2010, for which the period of coverage will be no less than six months, and except for new contracts for which the examination period will be no less than the period from the contract date to the following June 30, unless otherwise agreed to by the Postal Service). The examination reports are to be provided to the Postal Service by August 15 of each year. To the extent that internal control VerDate Mar<15>2010 14:00 Sep 15, 2010 Jkt 220001 weaknesses are identified in a Type II SAS 70 report, the Postal Service may require the remediation of such weaknesses and review working papers and engage in discussions about the work performed with the auditor. Postal Service requires that all remediation efforts (if applicable) are completed and reported by the RC prior to the Postal Service’s fiscal year end (September 30). The RC will be responsible for all costs to conduct these examinations. * * * * * ■ 3. Section 501.16 is amended by revising paragraph (f) to read as follows: § 501.16 PC postage payment methodology. * * * * * (f) Security and revenue protection. To receive Postal Service approval to continue to operate PC Postage systems, the provider must submit to a periodic examination of its PC Postage system and any other applications and technology infrastructure that may have a material impact on Postal Service revenues, as determined by the Postal Service. The examination shall be performed by a qualified, independent audit firm and shall be conducted in accordance with the Statement on Auditing Standards (SAS) No. 70, Service Organizations, developed by the American Institute of Certified Public Accountants (AICPA), as amended or superseded. The examination shall include testing of the operating effectiveness of relevant provider internal controls (Type II SAS 70 Report). If the service organization uses another service organization (subservice provider), Postal Service Management should consider the nature and materiality of the transactions processed by the sub-service organization and the contribution of the sub-service organization’s processes and controls in the achievement of the Postal Service’s information processing objectives. The Postal Service should have access to the sub-service organization’s SAS 70 report. The control objectives to be covered by the SAS 70 report are subject to Postal Service review and approval and are to be provided to the Postal Service 30 days prior to the initiation of each examination period. As a result of the examination, the auditor shall provide the provider, and the Postal Service, with an opinion on the design and operating effectiveness of the internal controls related to the PC Postage system and any other applications and technology infrastructure considered material to the services provided to the Postal Service by the provider. Such PO 00000 Frm 00006 Fmt 4700 Sfmt 4700 examinations are to be conducted on no less than an annual basis, and are to be as of and for the twelve months ended June 30 of each year (except for the period ending June 30, 2010 for which the period of coverage will be no less than six months, and except for new contracts for which the examination period will be no less than the period from the contract date to the following June 30, unless otherwise agreed to by the Postal Service). The examination reports are to be provided to the Postal Service by August 15 of each year. To the extent that internal control weaknesses are identified in a Type II SAS 70 report, the Postal Service may require the remediation of such weaknesses and review working papers and engage in discussions about the work performed with the auditor. The provider will be responsible for all costs to conduct these examinations. * * * * * Neva R. Watson, Attorney, Legislative. [FR Doc. 2010–23031 Filed 9–15–10; 8:45 am] BILLING CODE 7710–12–P ENVIRONMENTAL PROTECTION AGENCY 40 CFR Part 790 [EPA–HQ–OPPT–2009–0894; FRL–8832–8] RIN 2070–AJ59 Amendments to Enforceable Consent Agreement Procedural Rules Environmental Protection Agency (EPA). ACTION: Final rule. AGENCY: EPA is revising the procedures for developing Enforceable Consent Agreements (ECAs) to generate test data under the Toxic Substances Control Act (TSCA). The main features of the ECA process that EPA is changing include when and how to initiate negotiations and inserting a firm deadline at which negotiations will terminate. EPA is also deleting, modifying, or consolidating several sections of 40 CFR part 790 to place the ECA provisions in one section and the Interagency Testing Committee (ITC) provisions in a separate section, to make it clearer that there is one ECA negotiation procedure applicable to all circumstances when an ECA would be appropriate, and to make conforming changes in other sections that reference the ECA procedures. DATES: This final rule is effective October 18, 2010. SUMMARY: E:\FR\FM\16SER1.SGM 16SER1

Agencies

[Federal Register Volume 75, Number 179 (Thursday, September 16, 2010)]
[Rules and Regulations]
[Pages 56471-56472]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-23031]


=======================================================================
-----------------------------------------------------------------------

POSTAL SERVICE

39 CFR Part 501


Revisions to the Requirements for Authority To Manufacture and 
Distribute Postage Evidencing Systems

AGENCY: Postal ServiceTM.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Postal Service is revising its regulations to require that 
companies that manufacture and distribute postage evidencing systems 
(``Company or Companies'') engage a qualified, independent audit firm 
to perform an examination of and provide an opinion on the design and 
operating effectiveness of relevant internal control activities 
performed by the Companies as service providers to the Postal Service 
under the Statement on Auditing Standards (SAS) No. 70 (``SAS 70'').

DATES: Effective Date: September 16, 2010.

FOR FURTHER INFORMATION CONTACT: Marlo Kay Ivey, Marketing Specialist, 
Postage Technology Management, U.S. Postal Service, at 202-268-7613.

SUPPLEMENTARY INFORMATION: Postage Evidencing Systems are devices or 
systems of components that a customer uses to print evidence that the 
prepaid postage required for mailing has been paid. They include, but 
are not limited to, postage meters and PC Postage systems. The Postal 
Service regulates these systems and their use in order to protect 
postal revenue. Only Postal Service-authorized product service 
providers may design, produce, and distribute Postage Evidencing 
Systems. The Postal Service published a proposed rule in the Federal 
Register on June 1, 2010 at 73 FR 30309-30310 to amend the requirements 
for authority to manufacture and distribute postage evidencing systems. 
This revision clarifies the internal controls required in 39 CFR 
501.15(i), Computerized Meter Resetting System, and 501.16(f), PC 
Postage Payment Methodology. The internal controls requirement was 
added as part of a final rule published in the Federal Register on 
November 9, 2006, at 71 FR 65732.
    Comments: Two comments were received from the Companies (that 
manufacture or distribute postage evidencing systems). The first was 
notification of intent to comply. The second requested that the 
proposed amendment be modified to allow a Company with qualified 
internal audit departments, which meets the independence requirements 
under the Standards for the Professional Practice of the Institute of 
Internal Auditors (``IIA''), to utilize its internal audit department 
to perform the internal controls examination in lieu of engaging an 
independent audit firm.
    The Postal Service gave thorough consideration to this comment. 
While the Postal Service recognizes the IIA as the authoritative body 
over internal audit activities, SAS 70 (Type II) examinations are 
subject to the American Institute of Certified Public Accountants 
(``AICPA'') professional standards, which impose more stringent 
independence requirements and a requirement that the examination be 
performed by a licensed CPA. Therefore, the Postal Service will not 
modify the proposed amendments as requested and will require the 
Companies to annually obtain an SAS 70 (Type II) examination of 
relevant internal controls by a qualified, independent, external audit 
firm. The Postal Service gave through consideration to the comments it 
received, and now announces the adoption of the final rule.

List of Subjects in 39 CFR Part 501

    Postal Service.

0
Accordingly, 39 CFR part 501 is amended as follows:

PART 501--[AMENDED]

0
1. The authority citation for 39 CFR part 501 continues to read as 
follows:

    Authority:  5 U.S.C. 552(a); 39 U.S.C. 101, 401, 403, 404, 410, 
2601, 2605, Inspector General Act of 1978, as amended (Pub. L. 95-
452, as amended); 5 U.S.C. App. 3.


[[Page 56472]]



0
2. Section 501.15 is amended by revising paragraph (i) to read as 
follows:


Sec.  501.15  Computerized Meter Resetting System.

* * * * *
    (i) Security and Revenue Protection. To receive Postal Service 
approval to continue to operate systems in the CMRS environment, the RC 
must submit to a periodic examination of its CMRS system and any other 
applications and technology infrastructure that may have a material 
impact on Postal Service revenues, as determined by the Postal Service. 
The examination shall be performed by a qualified, independent audit 
firm and shall be conducted in accordance with the Statement on 
Auditing Standards (SAS) No. 70, Service Organizations, developed by 
the American Institute of Certified Public Accountants (AICPA), as 
amended or superseded. The examination shall include testing of the 
operating effectiveness of relevant RC internal controls (Type II SAS70 
Report). If the service organization uses another service organization 
(sub-service provider), Postal Service Management should consider the 
nature and materiality of the transactions processed by the sub-service 
organization and the contribution of the sub-service organization's 
processes and controls in the achievement of the Postal Service's 
information processing objectives. The Postal Service should have 
access to the sub-service organization's SAS 70 report. The control 
objectives to be covered by the SAS 70 report are subject to Postal 
Service review and approval and are to be provided to the Postal 
Service 30 days prior to the initiation of each examination period. As 
a result of the examination, the auditor shall provide the RC and the 
Postal Service with an opinion on the design and operating 
effectiveness of the RC's internal controls related to the CMRS system 
and any other applications and technology infrastructure considered 
material to the services provided to the Postal Service by the RC. Such 
examinations are to be conducted on no less than an annual basis, and 
are to be as of and for the twelve months ended June 30 of each year 
(except for the period ending June 30, 2010, for which the period of 
coverage will be no less than six months, and except for new contracts 
for which the examination period will be no less than the period from 
the contract date to the following June 30, unless otherwise agreed to 
by the Postal Service). The examination reports are to be provided to 
the Postal Service by August 15 of each year. To the extent that 
internal control weaknesses are identified in a Type II SAS 70 report, 
the Postal Service may require the remediation of such weaknesses and 
review working papers and engage in discussions about the work 
performed with the auditor. Postal Service requires that all 
remediation efforts (if applicable) are completed and reported by the 
RC prior to the Postal Service's fiscal year end (September 30). The RC 
will be responsible for all costs to conduct these examinations.
* * * * *

0
3. Section 501.16 is amended by revising paragraph (f) to read as 
follows:


Sec.  501.16  PC postage payment methodology.

* * * * *
    (f) Security and revenue protection. To receive Postal Service 
approval to continue to operate PC Postage systems, the provider must 
submit to a periodic examination of its PC Postage system and any other 
applications and technology infrastructure that may have a material 
impact on Postal Service revenues, as determined by the Postal Service. 
The examination shall be performed by a qualified, independent audit 
firm and shall be conducted in accordance with the Statement on 
Auditing Standards (SAS) No. 70, Service Organizations, developed by 
the American Institute of Certified Public Accountants (AICPA), as 
amended or superseded. The examination shall include testing of the 
operating effectiveness of relevant provider internal controls (Type II 
SAS 70 Report). If the service organization uses another service 
organization (sub-service provider), Postal Service Management should 
consider the nature and materiality of the transactions processed by 
the sub-service organization and the contribution of the sub-service 
organization's processes and controls in the achievement of the Postal 
Service's information processing objectives. The Postal Service should 
have access to the sub-service organization's SAS 70 report. The 
control objectives to be covered by the SAS 70 report are subject to 
Postal Service review and approval and are to be provided to the Postal 
Service 30 days prior to the initiation of each examination period. As 
a result of the examination, the auditor shall provide the provider, 
and the Postal Service, with an opinion on the design and operating 
effectiveness of the internal controls related to the PC Postage system 
and any other applications and technology infrastructure considered 
material to the services provided to the Postal Service by the 
provider. Such examinations are to be conducted on no less than an 
annual basis, and are to be as of and for the twelve months ended June 
30 of each year (except for the period ending June 30, 2010 for which 
the period of coverage will be no less than six months, and except for 
new contracts for which the examination period will be no less than the 
period from the contract date to the following June 30, unless 
otherwise agreed to by the Postal Service). The examination reports are 
to be provided to the Postal Service by August 15 of each year. To the 
extent that internal control weaknesses are identified in a Type II SAS 
70 report, the Postal Service may require the remediation of such 
weaknesses and review working papers and engage in discussions about 
the work performed with the auditor. The provider will be responsible 
for all costs to conduct these examinations.
* * * * *

Neva R. Watson,
Attorney, Legislative.
[FR Doc. 2010-23031 Filed 9-15-10; 8:45 am]
BILLING CODE 7710-12-P
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.