Reports
Search reports, investigative results, and agency plansShowing 11 - 20 of 54 results
U.S. Postal Service OIG
Coronavirus Aid, Relief, and Economic Security (CARES) Act Funding
Our objective was to assess the Postal Service’s justification for and use of funds received under the CARES Act, as amended by the Consolidated Appropriations Act of 2021, and associated disclosure requirements.
Tennessee Valley Authority OIG
Remote Application and Desktop Virtualization
The Office of the Inspector General OIG audited the Tennessee Valley Authority’s (TVA) use of remote application and desktop virtualization due to the risk of increased remote users during the COVID-19 pandemic and recent publicized remote access vulnerabilities. We found several areas where TVA was consistent with cybersecurity remote access best practices. However, we identified gaps in TVA’s configuration settings, architectural design, and administrative procedures. We recommend the Vice President and Chief Information and Digital Officer, Technology & Information, review the identified...
Department of Transportation OIG
FTA Does Not Effectively Assess Security Controls or Remediate Cybersecurity Weaknesses To Ensure the Proper Safeguards Are in Place To Protect Its Financial Management Systems
What We Looked At The Coronavirus Aid, Relief, and Economic Security (CARES) Act of 2020 set up appropriations to support executive agency operations during the COVID-19 pandemic. The Federal Transit Administration (FTA) has received nearly $70 billion in CARES Act and other COVID-19 relief appropriations. FTA uses several financial management systems to approve, process, and disperse this funding for the transit industry’s COVID-19 response and recovery. Given the size of this investment, we initiated this audit. Our audit objective was to assess the effectiveness of FTA’s financial...
Railroad Retirement Board OIG
Audit of the Utilization of ARPA Information Technology Modernization Funds at the Railroad Retirement Board
The objectives of this audit are to: 1) obtain, review, and assess agency plans to expend these funds, 2) determine the current status of the RRB IT initiatives to expend all or part of the appropriation, 3) evaluate if the project progress is in accordance with the RRB’s project plan timeline, and reasons for delay, if any, 4) evaluate if the RRB’s goals and timeline are reasonable and attainable to achieve the intended purpose as stated in agency plans, and 5) evaluate the outcomes of the project relative to the anticipated improvements.
U.S. Postal Service OIG
U.S. Postal Service Protection Against External Cyberattacks
Our objective was to determine if the Postal Service has an effective security posture to protect its Information Technology (IT) infrastructure from external cyberattacks and prevent unauthorized access to restricted data.
Department of Commerce OIG
NIST Was Effective in Implementing the Requirements for Awarding Funds Under the CARES Act
Our objective was to determine whether NIST is complying with the requirements of the CARES Act. Specifically, we determined (1) what steps NIST took to implement and comply with the CARES Act, (2) challenges NIST faced during implementation, and (3) NIST’s status in the processing of applications and awarding funds under the CARES Act. Overall, we found that NIST implemented and followed the requirements of the CARES Act and applicable grant award policies and procedures. In addition, NIST implemented measures to mitigate challenges resulting from an increased workload and a forced transition...