Reports
Search reports, investigative results, and agency plansShowing 21 - 30 of 43 results
Small Business Administration OIG
COVID-19 and Disaster Assistance Information Systems Security Controls
This report presents the results of our audit to determine whether the U.S. Small Business Administration (SBA) maintained effective management control activities and monitoring of the design and implementation of third-party operated SBA systems. SBA needed information technology systems from third-party service providers that could improve the system efficiency and productivity to process high transaction volumes, transmit data between other information systems, and safeguard the integrity and confidentiality of the personally identifiable information processed by the programs. We found the...
Small Business Administration OIG
COVID-19 Economic Injury Disaster Loan Applications Submitted from Foreign IP Addresses
We evaluated the U.S. Small Business Administration’s (SBA) controls to flag or prevent potentially fraudulent Coronavirus Disease 2019 (COVID-19) Economic Injury Disaster Loan (EIDL) applications submitted from foreign Internet Protocol (IP) addresses. Although the agency implemented several layers of controls to prevent or reduce fraud from foreign countries, individuals at foreign IP addresses were able to access the COVID-19 EIDL application system. SBA received millions of attempts to submit COVID-19 EIDL applications from foreign IP addresses and stopped most of them; however, the agency...
Tennessee Valley Authority OIG
Remote Application and Desktop Virtualization
The Office of the Inspector General OIG audited the Tennessee Valley Authority’s (TVA) use of remote application and desktop virtualization due to the risk of increased remote users during the COVID-19 pandemic and recent publicized remote access vulnerabilities. We found several areas where TVA was consistent with cybersecurity remote access best practices. However, we identified gaps in TVA’s configuration settings, architectural design, and administrative procedures. We recommend the Vice President and Chief Information and Digital Officer, Technology & Information, review the identified...
Peace Corps OIG
Final Report on the Peace Corps' Compliance with CARES Act Supplemental Funding Requirements
This audit assessed the Peace Corps' internal controls over the budget, obligation, and disbursement of CARES Act funds, including compliance with the law and other implementing guidance. We concluded that the Peace Corps complied with necessary provisions of the law and other relevant policies and did not issue any recommendations with this report.