Report Type
Report Category
Submitting Agency
State/Local Agency
State (State and Local Reports)
Fraud Type
Agency Reviewed
- (-) Department of Defense (8)
- (-) Department of the Interior (6)
- (-) Railroad Retirement Board (5)
- (-) Social Security Administration (3)
- Chemical Safety and Hazard Investigation Board (1)
- Department of Agriculture (2)
- Department of Commerce (1)
- Department of Education (10)
- Department of Health & Human Services (27)
- Department of Homeland Security (17)
- Department of Housing and Urban Development (1)
- Department of Justice (6)
- Department of Labor (27)
- Department of the Treasury (29)
- Department of Transportation (5)
- Department of Veterans Affairs (17)
- Election Assistance Commission (5)
- Environmental Protection Agency (4)
- Federal Deposit Insurance Corporation (1)
- General Services Administration (1)
- Internal Revenue Service (10)
- Multiple Agencies (1)
- National Science Foundation (1)
- National Security Agency (1)
- Small Business Administration (29)
- Tennessee Valley Authority (1)
- U.S. Agency for International Development (4)
- U.S. Postal Service (9)
Related Organizations
Management Challenges
Any Recommendations
Any Open Recommendations
Reports
Controls over the Social Security Administration’s National 800-number Service During the COVID-19 Pandemic
Create a performance standard that requires that teleservice center managers and other employees who conduct service observations conduct a minimum of three service observations for each qualified 800-number employee per month, as required by SSA policy.
Create policy to ensure all problematic calls identified through speech analytics are referred to regional management and regional management intervenes with the 800-number employees referred within defined timeframes to ensure prompt interventions address problematic and/or inadequate customer service.
Audit of the Reliability of the DoD Coronavirus Disease–2019 Patient Health Data
Rec. 1: The DoD OIG recommended that the Director of the Defense Health Agency work with the Program Executive Officer of the Program Executive Office, Defense Healthcare Management Systems to document and implement the process for identifying and collecting patient health data of DoD patients in the Military Health System in current and future registries within their purview in a written document, such as a standard operating procedure. The procedure should identify, at a minimum, the internal controls throughout the process, the relevant data sources, data fields, and diagnostic codes used in the computer scripts, and should be reviewed and approved when updates occur.
Rec. 2: The DoD OIG recommended that the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity and the Chief of the Joint Trauma System work with the Joint Trauma System contracting officer's representative to revise the quality assurance surveillance plan. The plan should include an appropriate sampling methodology for selecting patient health records from the Coronavirus Disease-2019 Registry to verify that the contractor is achieving the contract-required accuracy rate for entering patient data, and submit the revised quality assurance surveillance plan to the contracting officer.
Rec. 2: The DoD OIG recommended that the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity and the Chief of the Joint Trauma System work with the Joint Trauma System contracting officer's representative to revise the quality assurance surveillance plan. The plan should include an appropriate sampling methodology for selecting patient health records from the Coronavirus Disease-2019 Registry to verify that the contractor is achieving the contract-required accuracy rate for entering patient data, and submit the revised quality assurance surveillance plan to the contracting officer.
Rec. 3: The DoD OIG recommended that the Chief of the Joint Trauma System conduct an analysis to determine whether the patient data entered into the Coronavirus Disease-2019 Registry met the 90 percent accuracy rate requirement for contract W81XWH-20-P-0197 and contract W81XWH-22-C-0151.
Rec. 3.a: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to update the contractor's rating in the contractor's performance assessment reports for contract W81XWH-22-C-0151 and contract W81XWH-20-P-0197, when feasible.
Rec. 3.b: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to recoup any of the $3.9 million in questioned costs paid for services that did not comply with the terms of contract W81XWH-20-P-0197, if feasible.
Rec. 3.c: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to recoup any of the $2.3 million in questioned costs paid for services that did not comply with the terms of contract W81XWH-22-C-0151.
Rec. 3.d: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to consider all available contract remedies for contract W81XWH-22-C-0151, including modifying and, if necessary, terminating and re-competing the contract, and take action to ensure that the Department receives full value for the funds it expends for contract W81XWH-22-C-0151.
Rec. 3.e: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to delegate an official to review the concerns identified in this report, including the actions of the contracting officials, and take administrative actions, as necessary. The review should include a determination on whether the contractor's performance assessment reports were accurate and make updates as necessary.
Rec. 4.a: The DoD OIG recommended that the Director of the Defense Health Agency work with the Chief of the Joint Trauma System establish and implement a process for selecting Coronavirus Disease-2019 events for entry into the Coronavirus Disease-2019 Registry to limit selection bias.
Rec. 4.b: The DoD OIG recommended that the Director of the Defense Health Agency work with the Chief of the Joint Trauma System to include a bias disclosure notice on all reports generated from the Coronavirus Disease-2019 Registry until the Coronavirus Disease-2019 Registry data represent the population of DoD patients who had a Coronavirus Disease-2019 event.
Rec. 5.a: The DoD OIG recommended that the Assistant Secretary of Defense (Health Affairs) establish and implement a policy for developing and populating patient registries that aligns with the Department of Health and Human Services best practices, "Agency for Healthcare Research and Quality, Registries for Evaluating Patient Outcomes: A User?s Guide," current edition.
Rec. 5.b: The DoD OIG recommended that the Assistant Secretary of Defense (Health Affairs) conduct a review of all patient registries in the Military Health System to verify the reliability of data in each registry and implement corrective actions, as necessary.
Audit of DoD Actions Taken to Implement Cybersecurity Protections Over Remote Access Software in the Coronavirus Disease–2019 Telework Environment
Rec. A.1: The DoD OIG recommended that the Director of the U.S. Southern Command - Joint Interagency Task Force South Command, Control, Communications, Computers, Cyber and Intelligence direct its network administrators to scan the VMware Horizon main virtual desktop for malware in accordance with the McAfee Endpoint Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not scanning the main virtual desktop.
Rec. A.2.a: The DoD OIG recommended that the Chief Information Officer of the Department of the Air Force revise its policy to align with the Windows 10 Security Technical Implementation Guide requirement for disabling inactive user accounts after no more than 35 days.
Rec. A.2.b: The DoD OIG recommended that the Chief Information Officer of the Department of the Air Force direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.3: The DoD OIG recommended that the Chief Information Officer of the Naval Surface Warfare Center - Panama City Division direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.4.a: The DoD OIG recommended that the Chief Information Officer of the Defense Intelligence Agency revise its policy to align with the Windows 10 Security Technical Implementation Guide requirement for disabling inactive users after no more than 35 days.
Rec. A.4.b: The DoD OIG recommended that the Chief Information Officer of the Defense Intelligence Agency direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.5.a: The DoD OIG recommended that the Director of the Marine Corps Information Command, Control, Communications, and Computers revise the organization's policy to align with the Windows 10 Security Technical Implementation Guide requirement for disabling inactive users after no more than 35 days.
Rec. A.5.b: The DoD OIG recommended that the Director of the Marine Corps Information Command, Control, Communications, and Computers direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.6: The DoD OIG recommended that the Director of the Defense Information Systems Agency Joint Service Provider direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. B.1: The DoD OIG recommended that the Director of the Defense Information Systems Agency Joint Service Provider direct network and system administrators to revise the vulnerability management program to include mitigation timeframes for all vulnerabilities and develop plans of actions and milestones for all vulnerabilities that cannot be mitigated in a timely manner.
The Omaha Tribe Did Not Account for CARES Act Funds Appropriately
We recommend that the BIA resolve the unreasonable hazard pay costs of $29,574 by requiring the Omaha Tribe to perform an analysis of the costs incurred to applicable criteria and document its determination of reasonableness.
We recommend that the BIA resolve the questioned hazard pay costs of $27,841 for Payment 1 by requiring the Omaha Tribe to provide detailed reconciliation of incurred costs to supporting documentation.
We recommend that the BIA resolve the questioned costs of $182,388 for Payment 2 by requiring the Omaha Tribe to provide detailed complete supporting documentation for the hazard pay and indirect costs.
We recommend that the BIA review the Omaha Tribe’s revised policy regarding the custody of checks and document that proper controls have been implemented.
We recommend that the BIA resolve the questioned costs of $42,067 by requiring the Omaha Tribe to provide a detailed list of the questioned transactions and voided checks to the BIA for its files to ensure these transactions are not claimed for reimbursement.
We recommend that the BIA resolve the questioned costs of $10,792 by requiring the Omaha Tribe to reallocate these costs to the appropriate funding source.
We recommend that the BIA require the Omaha Tribe to revise its policy to ensure a complete property record for CARES Act-funded assets in accordance with 2 C.F.R. § 200.313(d)(1).
The Bureaus of Indian Affairs and Indian Education Have the Opportunity To Implement Additional Controls To Prevent or Detect Multi-dipping of Pandemic Response Funds
We recommend that the Bureaus of Indian Affairs and Indian Education develop and implement policies, procedures, or guidance designed to prevent or detect <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education communicate the policies and procedures developed and train bureau personnel and Tribes on preventing and detecting <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education develop and implement policies, procedures, or guidance designed to prevent or detect <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education develop and implement policies, procedures, or guidance designed to prevent or detect <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education develop and implement policies, procedures, or guidance designed to prevent or detect <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education communicate the policies and procedures developed and train bureau personnel and Tribes on preventing and detecting <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education communicate the policies and procedures developed and train bureau personnel and Tribes on preventing and detecting <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
We recommend that the Bureaus of Indian Affairs and Indian Education communicate the policies and procedures developed and train bureau personnel and Tribes on preventing and detecting <span class="tx-tooltip" tabindex="0">
multi-dipping
<span class="tx-tooltip-text">
When a recipient receives money from multiple federal sources and uses it for the same purpose, this could be an indication of multi-dipping.
</span>
</span>
.
The Social Security Administration’s Enumeration Services During the COVID-19 Pandemic
Develop and periodically conduct comprehensive refresher training on topics including but not limited to:
- processing original Social Security Number (SSN) cards for individuals aged 12 or older and emphasize requirements and documentation of the in-person interview;
- acceptable forms of evidentiary documents, and
- processing new (different) and replacement SSN cards when adoption
Complete the privacy assessments for the WorkTrack application.
Update quality control reviews to include comparison of SSNAP inputs to an applicant-submitted Form SS-5 and evidentiary documents, and provide feedback to the technicians who made input errors (such as race and ethnicity) or did not use the appropriate evidentiary documents.
Revise enumeration policy to include clear instructions for when Form SSA-5002 is required and how to properly document the form.
Update Program Operations Manual System (POMS) to provide current instructions for enumeration notices and archive outdated policy.
Retain enumeration notices in the Online Retrieval System for individuals with assigned SSNs.
Create and implement automated tools to assist staff in navigating through enumeration evidentiary document requirements.
Take corrective action on all keying errors and cross-referencing errors we identified.
Require managers to verify that incident reports are submitted through the Personally Identifiable Information (PII) Loss Reporting Tool before they approve reimbursement to customers for replacing lost original documents.
Update the National Mail Handling Business Process to include standard Agency-wide mitigation steps for misdirected mail including original documents.
The Three Affiliated Tribes Did Not Account for CARES Act Funds Appropriately
We recommend that the BIA resolve the questioned costs of $237,270 by requiring the Three Affiliated Tribes to provide supporting documentation to ensure that the incurred costs are allowable, allocable, and reasonable.
We recommend that the BIA require the Three Affiliated Tribes to establish controls to ensure that it can determine the appropriate funding source for each CARES Act expense.
We recommend that the BIA resolve the questioned costs of $106,280 by creating and adjusting journal entries to reallocate the funds from the U.S. Department of the Interior to the U.S. Department of Health and Human Services.
We recommend that the BIA resolve the questioned costs of $89,623 by creating adjusted journal entries to reallocate the funds from the BIA CARES Act to the appropriate funding source.
The RRB Did Not Have Detailed Project Plans to Expend Information Technology Modernization Funds
The Railroad Retirement Board's Bureau of Information Services should identify, and document detailed project plans for their Information Technology Modernization initiatives through the Information Resources Management Strategic Plan, which should include the agency's goals, project milestones, and a description of the work necessary, as required by the Office of Management and Budget Circular A-130.
The Social Security Administration’s Mail Processing During the COVID-19 Pandemic
If cost-effective, invest in software and equipment to reduce manual processing of incoming mail.
Expand the use of Post Office Boxes for long-term, high-volume workloads.
If cost-effective, outsource additional mail duties to contractors.
Incorporate centralized printing of forms and notices into SSA’s systems modernization efforts.
Implement policy and operational changes, where appropriate, to decrease reliance on original documents.
Implement options for customers to submit the most frequently used forms online.
Implement capabilities for employees to securely correspond with the public electronically.
Implement online versions of the most frequently sent notices.
Evaluation of Department of Defense Military Medical Treatment Facility Challenges During the Coronavirus Disease-2019 (COVID-19) Pandemic in Fiscal Year 2021
Rec. A.1.a: The DoD OIG recommended that the Director of the Defense Health Agency, in conjunction with the Secretaries of the Military Departments, establish a working group to address the staffing challenges identified by Military Medical Treatment Facilities during this evaluation. The working group should establish milestones to streamline the hiring process to allow Military Medical Treatment Facilities to more quickly fill civilian staffing positions.
Rec. A.1.b: The DoD OIG recommended that the Director of the Defense Health Agency, in conjunction with the Secretaries of the Military Departments, establish a working group to address the staffing challenges identified by Military Medical Treatment Facilities during this evaluation. The working group should establish milestones to determine if salaries for Military Medical Treatment Facility civilian nurses are commensurate with each facility's local market and if military treatment facilities are able to hire nurses at those salaries. For locations where military treatment facility salaries are not commensurate with the local market, take appropriate actions that will reduce the disparity in those markets.
Rec. A.1.c: The DoD OIG recommended that the Director of the Defense Health Agency, in conjunction with the Secretaries of the Military Departments, establish a working group to address the staffing challenges identified by Military Medical Treatment Facilities during this evaluation. The working group should establish milestones to establish a central authority with the knowledge of the Services' requests for individual and large group deployments of medical staff coming out of Military Medical Treatment Facilities and the associated risks to health care delivery.
Rec. A.1.d: The DoD OIG recommended that the Director of the Defense Health Agency, in conjunction with the Secretaries of the Military Departments, establish a working group to address the staffing challenges identified by Military Medical Treatment Facilities during this evaluation. The working group should establish milestones to assess the ability of Military Medical Treatment Facilities to rapidly receive augmentation of medical staff from the Reserve Components.
Rec. A.2.a: The DoD OIG recommended that the Director of the Defense Health Agency, in coordination with the Secretaries of the Military Departments establish the manpower requirements for the coronavirus disease-2019 mission within the Military Medical Treatment Facilities for the staff required to support testing, vaccinations, contact tracing, and acute respiratory clinics.
Rec. A.2.b: The DoD OIG recommended that the Director of the Defense Health Agency, in coordination with the Secretaries of the Military Departments identify the medical personnel requirements within the Military Medical Treatment Facilities, including clinicians, nurses, and support staff, needed for future long-term pandemic response and biological incidents.
Rec. B: The DoD OIG recommended that the Assistant Secretary of Defense (Health Affairs) develop DoD policy for the maximum consecutive hours to be worked, maximum shifts per week, and coverage of duties when absent, for Military Health System staff (at minimum, active duty military and civilian physicians, nurses, respiratory therapists, and lab technicians) working in Military Medical Treatment Facilities to reduce the physical impacts leading to fatigue and burnout, and develop the appropriate waivers of this policy for Military Health System staff.
Rec. C: The DoD OIG recommended that the Assistant Secretary of Defense (Health Affairs) direct a new or existing working group to develop a plan to implement the recommendations in the Military Health System COVID-19 After Action Report and to develop and monitor milestones for each recommendation.