Revisions to the Requirements for Authority to Manufacture and Distribute Postage Evidencing Systems, 10994-10995 [2014-03539]
Download as PDF
<![CDATA[
TKELLEY on DSK3SPTVN1PROD with RULES
10994
Federal Register / Vol. 79, No. 39 / Thursday, February 27, 2014 / Rules and Regulations
news media for any offense that he or
she is suspected of having committed in
the course of, or arising out of, the
coverage or investigation of news, or
while engaged in the performance of
duties undertaken as a member of the
news media, without notice to the
Director of the Office of Public Affairs
and the express authorization of the
Attorney General.
(4) In requesting the Attorney
General’s authorization to question, to
arrest or to seek an arrest warrant for, or
to present information to a grand jury
seeking an indictment or to file an
information against, a member of the
news media for an offense that he or she
is suspected of having committed
during the course of, or arising out of,
the coverage or investigation of news, or
while engaged in the performance of
duties undertaken as a member of the
news media, a member of the
Department shall state all facts
necessary for a determination by the
Attorney General.
(g) Exigent circumstances. (1) A
Deputy Assistant Attorney General for
the Criminal Division may authorize the
use of a subpoena or court order, as
described in paragraph (c) of this
section, or the questioning, arrest, or
charging of a member of the news
media, as described in paragraph (f) of
this section, if he or she determines that
the exigent use of such law enforcement
tool or technique is necessary to prevent
or mitigate an act of terrorism; other acts
that are reasonably likely to cause
significant and articulable harm to
national security; death; kidnapping;
substantial bodily harm; conduct that
constitutes a specified offense against a
minor (for example, as those terms are
defined in section 111 of the Adam
Walsh Child Protection and Safety Act
of 2006, 42 U.S.C. 16911), or an attempt
or conspiracy to commit such a criminal
offense; or incapacitation or destruction
of critical infrastructure (for example, as
defined in section 1016(e) of the USA
PATRIOT Act, 42 U.S.C. 5195c(e)).
(2) A Deputy Assistant Attorney
General for the Criminal Division may
authorize an application for a warrant,
as described in paragraph (d) of this
section, if there is reason to believe that
the immediate seizure of the materials at
issue is necessary to prevent the death
of, or serious bodily injury to, a human
being, as provided in 42 U.S.C.
2000aa(a)(2) and (b)(2).
(3) Within 10 business days of a
Deputy Assistant Attorney General for
the Criminal Division approving a
request under paragraph (g) of this
section, the United States Attorney or
Assistant Attorney General responsible
for the matter shall provide to the
VerDate Mar<15>2010
16:18 Feb 26, 2014
Jkt 232001
Attorney General and to the Director of
the Office of Public Affairs a statement
containing the information that would
have been given in requesting prior
authorization.
(h) Failure to comply with policy.
Failure to obtain the prior approval of
the Attorney General, as required by this
policy, may constitute grounds for an
administrative reprimand or other
appropriate disciplinary action.
(i) General provision. This policy is
not intended to, and does not, create
any right or benefit, substantive or
procedural, enforceable at law or in
equity by any party against the United
States, its departments, agencies, or
entities, its officers, employees, or
agents, or any other person.
PART 59—GUIDELINES ON METHODS
OF OBTAINING DOCUMENTARY
MATERIALS HELD BY THIRD PARTIES
3. The authority citation for part 59
continues to read as follows:
■
Authority: Sec. 201, Pub. L. 96–440, 94
Stat. 1879 (42 U.S.C. 2000aa–11).
4. Section 59.3 is revised by adding a
new sentence at the end of paragraph (d)
to read as follows:
■
§ 59.3
Applicability.
*
*
*
*
*
(d) * * * For the use of a warrant to
obtain information from, or records of,
members of the news media, see the
Department’s statement of policy set
forth in § 50.10 of this chapter.
Dated: February 21, 2013.
Eric H. Holder, Jr.,
Attorney General.
[FR Doc. 2014–04239 Filed 2–26–14; 8:45 am]
BILLING CODE 4410–14–P
Revisions to the Requirements for
Authority to Manufacture and
Distribute Postage Evidencing
Systems
Postal ServiceTM.
ACTION: Final rule.
AGENCY:
This rule updates the security
and revenue protection features of the
Computerized Meter Resetting System
(CMRS) and the PC postage payment
methodology to reflect changes to the
audit profession’s reporting standards
on controls at service organizations.
DATES: This rule is effective March 31,
2014.
FOR FURTHER INFORMATION CONTACT:
Marlo Kay Ivey, Business Programs
SUMMARY:
Fmt 4700
PART 501—AUTHORIZATION TO
MANUFACTURE AND DISTRIBUTE
POSTAGE EVIDENCING SYSTEMS
1. The authority citation for 39 CFR
part 501 continues to read as follows:
■
Authority: 5 U.S.C. 552(a); 39 U.S.C. 101,
401, 403, 404, 410, 2601, 2605, Inspector
General Act of 1978, as amended (Pub. L. 95–
452, as amended); 5 U.S.C. App. 3.
2. Section 501.15 is amended by
revising paragraph (i) to read as follows:
■
*
39 CFR Part 501
Frm 00044
List of Subjects in 39 CFR Part 501
Administrative practice and
procedure.
Accordingly, for the reasons stated, 39
CFR part 501 is amended as follows:
§ 501.15 Computerized Meter Resetting
System.
POSTAL SERVICE
PO 00000
Specialist, Payment Technology, U.S.
Postal Service, at 202–268–7613.
SUPPLEMENTARY INFORMATION: When the
Postal Service was mandated to comply
with Sarbanes-Oxley regulations
beginning with the financial statements
for the fiscal year ending September 30,
2010, the Postal Service required a
Statement on Auditing Standards (SAS)
70 Type II Report from each of our
providers. Subsequently, the American
Institute of Certified Public Accountants
(AICPA) issued new guidance to the
audit profession on reporting standards
for controls at service organizations,
superseding the SAS 70 standards.
Accordingly, the Postal Service is now
requiring a Service Organization
Controls SOC1 Type II report, in
accordance with Statements on
Standards for Attestation Engagements
(SSAEs) 16, in the place of a SAS 70
Type II report, from each of our
providers. We have also clarified that
the expense incurred from obtaining
this report will be paid by the provider.
Sfmt 4700
*
*
*
*
(i) Security and Revenue Protection.
To receive Postal Service approval to
continue to operate systems in the
CMRS environment, the RC must submit
to a periodic examination of its CMRS
system and any other applications and
technology infrastructure that may have
a material impact on Postal Service
revenues, as determined by the Postal
Service. The examination shall be
performed by a qualified, independent
audit firm and shall be conducted in
accordance with the Statements on
Standards for Attestation Engagements
(SSAEs) No. 16, Service Organizations,
developed by the American Institute of
Certified Public Accountants (AICPA),
as amended or superseded. Expenses
associated with such examination shall
be incurred by the RC. The examination
E:\FR\FM\27FER1.SGM
27FER1
TKELLEY on DSK3SPTVN1PROD with RULES
Federal Register / Vol. 79, No. 39 / Thursday, February 27, 2014 / Rules and Regulations
shall include testing of the operating
effectiveness of relevant RC internal
controls (SOC 1 Type II SSAE 16
Report). If the service organization uses
another service organization (subservice provider), Postal Service
management should consider the nature
and materiality of the transactions
processed by the sub-service
organization and the contribution of the
sub-service organization’s processes and
controls in the achievement of the
Postal Service’s control objectives. The
Postal Service should have access to the
sub-service organization’s SOC 1 Type II
SSAE 16 report. The control objectives
to be covered by the SOC 1 Type II
SSAE 16 report are subject to Postal
Service review and approval, and are to
be provided to the Postal Service 30
days prior to the initiation of each
examination period. As a result of the
examination, the service auditor shall
provide the RC and the Postal Service
with an opinion on the design and
operating effectiveness of the RC’s
internal controls related to the CMRS
system and any other applications and
technology infrastructure considered
material to the services provided to the
Postal Service by the RC. Such
examinations are to be conducted on no
less than an annual basis, and are to be
as of and for the 12 months ended June
30 of each year (except for new
contracts for which the examination
period will be no less than the period
from the contract date to the following
June 30, unless otherwise agreed to by
the Postal Service). The examination
reports are to be provided to the Postal
Service by August 15 of each year. To
the extent that internal control
weaknesses are identified in a SOC 1
Type II SSAE 16 report, the Postal
Service may require the remediation of
such weaknesses and review working
papers and engage in discussions about
the work performed with the service
auditor. The Postal Service requires that
all remediation efforts (if applicable) are
completed and reported by the RC prior
to the Postal Service’s fiscal year end
(September 30). In addition, the RC will
be responsible for performing an
examination of their internal control
environment related to the CMRS
system and any other applications and
technology infrastructure considered
material to the services provided to the
Postal Service by the RC, in particular,
disclosing changes to internal controls
for the period of July 1 to September 30.
This examination should be
documented and submitted to the Postal
Service by October 14. The RC will be
responsible for all costs related to the
VerDate Mar<15>2010
16:18 Feb 26, 2014
Jkt 232001
examinations conducted by the service
auditor and the RC.
*
*
*
*
*
■ 3. Section 501.16 is amended by
revising paragraph (f) to read as follows:
§ 501.16 PC postage payment
methodology.
*
*
*
*
*
(f) Security and Revenue Protection.
To receive Postal Service approval to
continue to operate PC Postage systems,
the provider must submit to a periodic
examination of its PC Postage system
and any other applications and
technology infrastructure that may have
a material impact on Postal Service
revenues, as determined by the Postal
Service. The examination shall be
performed by a qualified, independent
audit firm and shall be conducted in
accordance with the Statements on
Standards for Attestation Engagements
(SSAEs) No. 16, Service Organizations,
developed by the American Institute of
Certified Public Accountants (AICPA),
as amended or superseded. Expenses
associated with such examination shall
be incurred by the provider. The
examination shall include testing of the
operating effectiveness of relevant
provider internal controls (SOC1 Type II
SSAE 16 Report). If the service
organization uses another service
organization (sub-service provider),
Postal Service management should
consider the nature and materiality of
the transactions processed by the subservice organization and the
contribution of the sub-service
organization’s processes and controls in
the achievement of the Postal Service’s
control objectives. The Postal Service
should have access to the sub-service
organization’s SOC 1 Type II SSAE 16
report. The control objectives to be
covered by the SOC 1 Type II SSAE 16
report are subject to Postal Service
review and approval, and are to be
provided to the Postal Service 30 days
prior to the initiation of each
examination period. As a result of the
examination, the service auditor shall
provide the provider and the Postal
Service with an opinion on the design
and operating effectiveness of the
internal controls related to the PC
Postage system, and any other
applications and technology
infrastructure considered material to the
services provided to the Postal Service
by the provider. Such examinations are
to be conducted on no less than an
annual basis, and are to be as of and for
the 12 months ended June 30 of each
year (except for new contracts for which
the examination period will be no less
than the period from the contract date
PO 00000
Frm 00045
Fmt 4700
Sfmt 4700
10995
to the following June 30, unless
otherwise agreed to by the Postal
Service). The examination reports are to
be provided to the Postal Service by
August 15 of each year. To the extent
that internal control weaknesses are
identified in a SOC 1 Type II SSAE 16
report, the Postal Service may require
the remediation of such weaknesses,
and review working papers and engage
in discussions about the work
performed with the service auditor. The
Postal Service requires that all
remediation efforts (if applicable) are
completed and reported by the provider
prior to the Postal Service’s fiscal year
end (September 30). In addition, the
provider will be responsible for
performing an examination of their
internal control environment related to
the PC Postage system and any other
applications and technology
infrastructure considered material to the
services provided to the Postal Service
by the provider, in particular, disclosing
changes to internal controls for the
period of July 1 to September 30. This
examination should be documented and
submitted to the Postal Service by
October 14. The provider will be
responsible for all costs related to the
examinations conducted by the service
auditor and the provider.
*
*
*
*
*
Stanley F. Mires,
Attorney, Legal Policy & Legislative Advice.
[FR Doc. 2014–03539 Filed 2–26–14; 8:45 am]
BILLING CODE 7710–P
ENVIRONMENTAL PROTECTION
AGENCY
40 CFR Part 52
[EPA–R05–OAR–2013–0645; FRL–9907–08–
Region 5]
Approval and Promulgation of Air
Quality Implementation Plans;
Wisconsin; Transportation Conformity
Procedures
Environmental Protection
Agency (EPA).
ACTION: Direct final rule.
AGENCY:
The Environmental Protection
Agency (EPA) is approving a State
Implementation Plan (SIP) revision
submitted by the State of Wisconsin on
August 1, 2013, for the purpose of
establishing transportation conformity
‘‘Conformity’’ criteria and procedures
related to interagency consultation, and
enforceability of certain transportation
related control and mitigation measures.
This revision replaces Wisconsin’s
SUMMARY:
E:\FR\FM\27FER1.SGM
27FER1
]]>Agencies
[Federal Register Volume 79, Number 39 (Thursday, February 27, 2014)]
[Rules and Regulations]
[Pages 10994-10995]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-03539]
=======================================================================
-----------------------------------------------------------------------
POSTAL SERVICE
39 CFR Part 501
Revisions to the Requirements for Authority to Manufacture and
Distribute Postage Evidencing Systems
AGENCY: Postal ServiceTM.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: This rule updates the security and revenue protection features
of the Computerized Meter Resetting System (CMRS) and the PC postage
payment methodology to reflect changes to the audit profession's
reporting standards on controls at service organizations.
DATES: This rule is effective March 31, 2014.
FOR FURTHER INFORMATION CONTACT: Marlo Kay Ivey, Business Programs
Specialist, Payment Technology, U.S. Postal Service, at 202-268-7613.
SUPPLEMENTARY INFORMATION: When the Postal Service was mandated to
comply with Sarbanes-Oxley regulations beginning with the financial
statements for the fiscal year ending September 30, 2010, the Postal
Service required a Statement on Auditing Standards (SAS) 70 Type II
Report from each of our providers. Subsequently, the American Institute
of Certified Public Accountants (AICPA) issued new guidance to the
audit profession on reporting standards for controls at service
organizations, superseding the SAS 70 standards. Accordingly, the
Postal Service is now requiring a Service Organization Controls SOC1
Type II report, in accordance with Statements on Standards for
Attestation Engagements (SSAEs) 16, in the place of a SAS 70 Type II
report, from each of our providers. We have also clarified that the
expense incurred from obtaining this report will be paid by the
provider.
List of Subjects in 39 CFR Part 501
Administrative practice and procedure.
Accordingly, for the reasons stated, 39 CFR part 501 is amended as
follows:
PART 501--AUTHORIZATION TO MANUFACTURE AND DISTRIBUTE POSTAGE
EVIDENCING SYSTEMS
0
1. The authority citation for 39 CFR part 501 continues to read as
follows:
Authority: 5 U.S.C. 552(a); 39 U.S.C. 101, 401, 403, 404, 410,
2601, 2605, Inspector General Act of 1978, as amended (Pub. L. 95-
452, as amended); 5 U.S.C. App. 3.
0
2. Section 501.15 is amended by revising paragraph (i) to read as
follows:
Sec. 501.15 Computerized Meter Resetting System.
* * * * *
(i) Security and Revenue Protection. To receive Postal Service
approval to continue to operate systems in the CMRS environment, the RC
must submit to a periodic examination of its CMRS system and any other
applications and technology infrastructure that may have a material
impact on Postal Service revenues, as determined by the Postal Service.
The examination shall be performed by a qualified, independent audit
firm and shall be conducted in accordance with the Statements on
Standards for Attestation Engagements (SSAEs) No. 16, Service
Organizations, developed by the American Institute of Certified Public
Accountants (AICPA), as amended or superseded. Expenses associated with
such examination shall be incurred by the RC. The examination
[[Page 10995]]
shall include testing of the operating effectiveness of relevant RC
internal controls (SOC 1 Type II SSAE 16 Report). If the service
organization uses another service organization (sub-service provider),
Postal Service management should consider the nature and materiality of
the transactions processed by the sub-service organization and the
contribution of the sub-service organization's processes and controls
in the achievement of the Postal Service's control objectives. The
Postal Service should have access to the sub-service organization's SOC
1 Type II SSAE 16 report. The control objectives to be covered by the
SOC 1 Type II SSAE 16 report are subject to Postal Service review and
approval, and are to be provided to the Postal Service 30 days prior to
the initiation of each examination period. As a result of the
examination, the service auditor shall provide the RC and the Postal
Service with an opinion on the design and operating effectiveness of
the RC's internal controls related to the CMRS system and any other
applications and technology infrastructure considered material to the
services provided to the Postal Service by the RC. Such examinations
are to be conducted on no less than an annual basis, and are to be as
of and for the 12 months ended June 30 of each year (except for new
contracts for which the examination period will be no less than the
period from the contract date to the following June 30, unless
otherwise agreed to by the Postal Service). The examination reports are
to be provided to the Postal Service by August 15 of each year. To the
extent that internal control weaknesses are identified in a SOC 1 Type
II SSAE 16 report, the Postal Service may require the remediation of
such weaknesses and review working papers and engage in discussions
about the work performed with the service auditor. The Postal Service
requires that all remediation efforts (if applicable) are completed and
reported by the RC prior to the Postal Service's fiscal year end
(September 30). In addition, the RC will be responsible for performing
an examination of their internal control environment related to the
CMRS system and any other applications and technology infrastructure
considered material to the services provided to the Postal Service by
the RC, in particular, disclosing changes to internal controls for the
period of July 1 to September 30. This examination should be documented
and submitted to the Postal Service by October 14. The RC will be
responsible for all costs related to the examinations conducted by the
service auditor and the RC.
* * * * *
0
3. Section 501.16 is amended by revising paragraph (f) to read as
follows:
Sec. 501.16 PC postage payment methodology.
* * * * *
(f) Security and Revenue Protection. To receive Postal Service
approval to continue to operate PC Postage systems, the provider must
submit to a periodic examination of its PC Postage system and any other
applications and technology infrastructure that may have a material
impact on Postal Service revenues, as determined by the Postal Service.
The examination shall be performed by a qualified, independent audit
firm and shall be conducted in accordance with the Statements on
Standards for Attestation Engagements (SSAEs) No. 16, Service
Organizations, developed by the American Institute of Certified Public
Accountants (AICPA), as amended or superseded. Expenses associated with
such examination shall be incurred by the provider. The examination
shall include testing of the operating effectiveness of relevant
provider internal controls (SOC1 Type II SSAE 16 Report). If the
service organization uses another service organization (sub-service
provider), Postal Service management should consider the nature and
materiality of the transactions processed by the sub-service
organization and the contribution of the sub-service organization's
processes and controls in the achievement of the Postal Service's
control objectives. The Postal Service should have access to the sub-
service organization's SOC 1 Type II SSAE 16 report. The control
objectives to be covered by the SOC 1 Type II SSAE 16 report are
subject to Postal Service review and approval, and are to be provided
to the Postal Service 30 days prior to the initiation of each
examination period. As a result of the examination, the service auditor
shall provide the provider and the Postal Service with an opinion on
the design and operating effectiveness of the internal controls related
to the PC Postage system, and any other applications and technology
infrastructure considered material to the services provided to the
Postal Service by the provider. Such examinations are to be conducted
on no less than an annual basis, and are to be as of and for the 12
months ended June 30 of each year (except for new contracts for which
the examination period will be no less than the period from the
contract date to the following June 30, unless otherwise agreed to by
the Postal Service). The examination reports are to be provided to the
Postal Service by August 15 of each year. To the extent that internal
control weaknesses are identified in a SOC 1 Type II SSAE 16 report,
the Postal Service may require the remediation of such weaknesses, and
review working papers and engage in discussions about the work
performed with the service auditor. The Postal Service requires that
all remediation efforts (if applicable) are completed and reported by
the provider prior to the Postal Service's fiscal year end (September
30). In addition, the provider will be responsible for performing an
examination of their internal control environment related to the PC
Postage system and any other applications and technology infrastructure
considered material to the services provided to the Postal Service by
the provider, in particular, disclosing changes to internal controls
for the period of July 1 to September 30. This examination should be
documented and submitted to the Postal Service by October 14. The
provider will be responsible for all costs related to the examinations
conducted by the service auditor and the provider.
* * * * *
Stanley F. Mires,
Attorney, Legal Policy & Legislative Advice.
[FR Doc. 2014-03539 Filed 2-26-14; 8:45 am]
BILLING CODE 7710-P
