Report Type
Report Category
Submitting Agency
- (-) Department of Defense OIG (29)
- (-) Department of Labor OIG (33)
- Amtrak (National Railroad Passenger Corporation) OIG (1)
- Architect of the Capitol OIG (2)
- Department of Education OIG (11)
- Department of Health & Human Services OIG (41)
- Department of Homeland Security OIG (20)
- Department of Housing and Urban Development OIG (23)
- Department of Justice OIG (3)
- Department of the Interior OIG (3)
- Department of the Treasury OIG (22)
- Department of Transportation OIG (7)
- Department of Veterans Affairs OIG (3)
- Election Assistance Commission OIG (22)
- Environmental Protection Agency OIG (10)
- Federal Reserve Board & CFPB OIG (3)
- General Services Administration OIG (4)
- National Science Foundation OIG (10)
- National Security Agency OIG (1)
- Peace Corps OIG (1)
- Pension Benefit Guaranty Corporation OIG (1)
- Railroad Retirement Board OIG (5)
- Securities and Exchange Commission OIG (1)
- Small Business Administration OIG (6)
- Social Security Administration OIG (6)
- Special Inspector General for Pandemic Recovery (15)
- Special Inspector General for the Troubled Asset Relief Program (1)
- Tennessee Valley Authority OIG (3)
- Treasury Inspector General for Tax Administration (41)
- U.S. Agency for International Development OIG (13)
- U.S. Postal Service OIG (13)
State/Local Agency
State (State and Local Reports)
Fraud Type
Agency Reviewed
Related Organizations
Management Challenges
Any Recommendations
Any Open Recommendations
Reports
COVID-19: OSHA Needs To Strengthen Its Process for Awarding Future Emergency Supplemental Funds to State Plans
To strengthen OSHA’s process for awarding future emergency supplemental funds to State Plans, we recommend the Assistant Secretary for Occupational Safety and Health develop a plan for future crises (e.g., pandemic) to coordinate with the Departmental Budget Center on the time needed to afford State Plans the maximum opportunity to receive the appropriate federal assistance needed to ensure workers’ safety.
To strengthen OSHA’s process for awarding future emergency supplemental funds to State Plans, we recommend the Assistant Secretary for Occupational Safety and Health update OSHA’s monitoring procedures to temporarily impose restrictions, request monthly expense reports, and implement other noncompliance remedies if grantees fail to submit accurate Federal Financial Reports until the expense reconciliation issue is resolved.
ETA Did Not Provide Adequate Oversight of Emergency Administrative Grants
We recommend the Acting Assistant Secretary for Employment and Training specify within its policy the information states must include in their documentation to support compliance with the requirements to receive grant funds prior to disbursement of the funds.
We recommend the Acting Assistant Secretary for Employment and Training propose to the Office of Management and Budget an amendment to the annually updated Compliance Supplement for single audits to also disclose if states used the emergency administrative grant funds in accordance with applicable requirements in the single audit report.
We recommend the Acting Assistant Secretary for Employment and Training remedy the $136,353,567.50 in questioned costs.
Audit of the Reliability of the DoD Coronavirus Disease–2019 Patient Health Data
Rec. 1: The DoD OIG recommended that the Director of the Defense Health Agency work with the Program Executive Officer of the Program Executive Office, Defense Healthcare Management Systems to document and implement the process for identifying and collecting patient health data of DoD patients in the Military Health System in current and future registries within their purview in a written document, such as a standard operating procedure. The procedure should identify, at a minimum, the internal controls throughout the process, the relevant data sources, data fields, and diagnostic codes used in the computer scripts, and should be reviewed and approved when updates occur.
Rec. 2: The DoD OIG recommended that the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity and the Chief of the Joint Trauma System work with the Joint Trauma System contracting officer's representative to revise the quality assurance surveillance plan. The plan should include an appropriate sampling methodology for selecting patient health records from the Coronavirus Disease-2019 Registry to verify that the contractor is achieving the contract-required accuracy rate for entering patient data, and submit the revised quality assurance surveillance plan to the contracting officer.
Rec. 2: The DoD OIG recommended that the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity and the Chief of the Joint Trauma System work with the Joint Trauma System contracting officer's representative to revise the quality assurance surveillance plan. The plan should include an appropriate sampling methodology for selecting patient health records from the Coronavirus Disease-2019 Registry to verify that the contractor is achieving the contract-required accuracy rate for entering patient data, and submit the revised quality assurance surveillance plan to the contracting officer.
Rec. 3: The DoD OIG recommended that the Chief of the Joint Trauma System conduct an analysis to determine whether the patient data entered into the Coronavirus Disease-2019 Registry met the 90 percent accuracy rate requirement for contract W81XWH-20-P-0197 and contract W81XWH-22-C-0151.
Rec. 3.a: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to update the contractor's rating in the contractor's performance assessment reports for contract W81XWH-22-C-0151 and contract W81XWH-20-P-0197, when feasible.
Rec. 3.b: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to recoup any of the $3.9 million in questioned costs paid for services that did not comply with the terms of contract W81XWH-20-P-0197, if feasible.
Rec. 3.c: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to recoup any of the $2.3 million in questioned costs paid for services that did not comply with the terms of contract W81XWH-22-C-0151.
Rec. 3.d: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to consider all available contract remedies for contract W81XWH-22-C-0151, including modifying and, if necessary, terminating and re-competing the contract, and take action to ensure that the Department receives full value for the funds it expends for contract W81XWH-22-C-0151.
Rec. 3.e: If the contractor did not meet the 90 percent accuracy requirement, the DoD OIG recommended that the Chief of the Joint Trauma System work with the Senior Contracting Official of the U.S. Army Medical Research Acquisition Activity to delegate an official to review the concerns identified in this report, including the actions of the contracting officials, and take administrative actions, as necessary. The review should include a determination on whether the contractor's performance assessment reports were accurate and make updates as necessary.
Rec. 4.a: The DoD OIG recommended that the Director of the Defense Health Agency work with the Chief of the Joint Trauma System establish and implement a process for selecting Coronavirus Disease-2019 events for entry into the Coronavirus Disease-2019 Registry to limit selection bias.
Rec. 4.b: The DoD OIG recommended that the Director of the Defense Health Agency work with the Chief of the Joint Trauma System to include a bias disclosure notice on all reports generated from the Coronavirus Disease-2019 Registry until the Coronavirus Disease-2019 Registry data represent the population of DoD patients who had a Coronavirus Disease-2019 event.
Rec. 5.a: The DoD OIG recommended that the Assistant Secretary of Defense (Health Affairs) establish and implement a policy for developing and populating patient registries that aligns with the Department of Health and Human Services best practices, "Agency for Healthcare Research and Quality, Registries for Evaluating Patient Outcomes: A User?s Guide," current edition.
Rec. 5.b: The DoD OIG recommended that the Assistant Secretary of Defense (Health Affairs) conduct a review of all patient registries in the Military Health System to verify the reliability of data in each registry and implement corrective actions, as necessary.
The U.S. Department of Labor Did Not Meet the Requirements for Compliance with the Payment Integrity Information Act for FY 2022
We recommend the Deputy CFO maintain management’s current focus on increasing its technical assistance and funding to states to improve the improper payment reduction strategies in order to reduce the improper payments estimate rate below the 10 percent threshold.
We recommend the Deputy CFO revise the methodology used to calculate the improper payment information for the FPUC program.
We recommend the Deputy CFO continue to work with OMB to develop an approved Sampling and Estimation Methodology Plan for the PUA program, and publish the resulting improper payment information.
Audit of DoD Actions Taken to Protect DoD Information When Using Collaboration Tools During the Coronavirus Disease–2019 Pandemic
Recommendation is CUI
Recommendation is CUI
Recommendation is CUI
Recommendation is CUI
Recommendation is CUI
Recommendation is CUI
(U) Rec. B.1.a: The DoD OIG recommended that the Chief Information Officer for the Defense Finance and Accounting Service renegotiate changes with the Adobe Connect vendor to configure Adobe Connect to require privileged users to authenticate into the collaboration tool using multifactor authentication.
Recommendation is CUI
Recommendation is CUI
Recommendation is CUI
Recommendation is CUI
Rec. B.3.c: The DoD OIG recommended that the Chief Information Officer for the Defense Threat Reduction Agency configure Zoom for Government to lock user accounts after three unsuccessful logon attempts in a 15-minute period.
Recommendation is CUI
Audit of DoD Actions Taken to Implement Cybersecurity Protections Over Remote Access Software in the Coronavirus Disease–2019 Telework Environment
Rec. A.1: The DoD OIG recommended that the Director of the U.S. Southern Command - Joint Interagency Task Force South Command, Control, Communications, Computers, Cyber and Intelligence direct its network administrators to scan the VMware Horizon main virtual desktop for malware in accordance with the McAfee Endpoint Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not scanning the main virtual desktop.
Rec. A.2.a: The DoD OIG recommended that the Chief Information Officer of the Department of the Air Force revise its policy to align with the Windows 10 Security Technical Implementation Guide requirement for disabling inactive user accounts after no more than 35 days.
Rec. A.2.b: The DoD OIG recommended that the Chief Information Officer of the Department of the Air Force direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.3: The DoD OIG recommended that the Chief Information Officer of the Naval Surface Warfare Center - Panama City Division direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.4.a: The DoD OIG recommended that the Chief Information Officer of the Defense Intelligence Agency revise its policy to align with the Windows 10 Security Technical Implementation Guide requirement for disabling inactive users after no more than 35 days.
Rec. A.4.b: The DoD OIG recommended that the Chief Information Officer of the Defense Intelligence Agency direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.5.a: The DoD OIG recommended that the Director of the Marine Corps Information Command, Control, Communications, and Computers revise the organization's policy to align with the Windows 10 Security Technical Implementation Guide requirement for disabling inactive users after no more than 35 days.
Rec. A.5.b: The DoD OIG recommended that the Director of the Marine Corps Information Command, Control, Communications, and Computers direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. A.6: The DoD OIG recommended that the Director of the Defense Information Systems Agency Joint Service Provider direct network and system administrators to disable inactive user accounts after no more than 35 days of inactivity in accordance with the Windows 10 Security Technical Implementation Guide, develop compensating controls, or formally accept the risk of not disabling the inactive user accounts.
Rec. B.1: The DoD OIG recommended that the Director of the Defense Information Systems Agency Joint Service Provider direct network and system administrators to revise the vulnerability management program to include mitigation timeframes for all vulnerabilities and develop plans of actions and milestones for all vulnerabilities that cannot be mitigated in a timely manner.
FY 2022 Independent Auditors' on DOL's Consolidated Financial Statements Report
We recommend that the Deputy Chief Financial Officer and the Assistant Secretary for Employment and Training design and implement controls over their respective estimates to ensure management’s review of the estimates are performed at a sufficient level of detail, including the methodology, underlying data, and assumptions used to develop the estimates.
We recommend that the Deputy Chief Financial Officer and the Assistant Secretary for Employment and Training maintain documentation of the reviews performed to assess the reasonableness of the methodology, underlying data, and assumptions used to develop the estimates that is sufficiently detailed to evidence the specific items reviewed, analysis performed, and conclusions reached.
We recommend that the Deputy Chief Financial Officer and the Assistant Secretary for Employment and Training provide additional training to the reviewers of the estimates to reinforce established policies and procedures, as necessary.
COVID-19: OSHA's Enforcement Activities Did Not Sufficiently Protect Workers From Pandemic Health Hazards
We recommend the Assistant Secretary for Occupational Safety and Health: provide additional training to CSHOs to enforce the recording and reporting standard for fatalities.
We recommend the Assistant Secretary for Occupational Safety and Health: update guidance or policy to include supervisory review of inspection files to ensure they contain adequate support for the reasons regarding citation issuance decisions before closing inspections.
We recommend the Assistant Secretary for Occupational Safety and Health: develop a plan for a future pandemic or epidemic to collaborate with external agencies on worksite case data and to use this data to maximize rapid response and enforcement actions in worksites.
We recommend the Assistant Secretary for Occupational Safety and Health: as part of OSHA's rulemaking on infectious diseases, require employers to notify all employees of all known positive cases at the worksite.
We recommend the Assistant Secretary for Occupational Safety and Health: develop and implement a tracking tool to ensure OSHA receives and reviews all items CSHOs request during inspections to ensure alleged hazards have been mitigated.
COVID-19: ETA and States Did Not Protect Pandemic-Related UI Funds from Improper Payments Including Fraud or from Payment Delays
We recommend the Acting Assistant Secretary for Employment and Training: Use data collected from monitoring and BAM reports to identify the areas of highest improper payments including fraud and create a plan to prevent similar issues in future temporary UI benefit programs.
We recommend the Acting Assistant Secretary for Employment and Training: Require states to have written policies and procedures, which apply lessons learned during the COVID-19 pandemic, to continue eligibility testing and BPC procedures during emergencies or other times of increased claims volume. These policies and procedures should include strategies to pay claimants timely.
We recommend the Acting Assistant Secretary for Employment and Training: Work with NASWA to update the IDH Participant Agreement to require state to submit the results of their UI fraud investigations.
We recommend the Acting Assistant Secretary for Employment and Training: Work with NASWA to ensure the IDH cross matches are effective at preventing the types of fraud that were detected during the pandemic and regularly update using the results of state fraud investigations.
We recommend the Acting Assistant Secretary for Employment and Training: Work with the OIG and states to recover the greatest practicable amount of the $7,092,604 paid to claimants connected to likely fraudulent claims.