Department of Education

For the time period reviewed, we found that the Pennsylvania Department of Labor and Industry, Office of Vocational Rehabilitation (Pennsylvania) had adequate internal controls to provide reasonable assurance that the data it reported in its Case Services Report (RSA-911) were complete, but it did...

For the time period reviewed, we determined that the Opportunities for Ohioans with Disabilities (Ohio) had adequate internal controls to ensure that the data it reported to the Rehabilitation Services Administration (RSA) were complete; however, it did not have adequate internal controls to ensure...

Our audit found that the Oregon Department of Education (Oregon) Consolidated Collection System, Oregon’s Statewide Longitudinal Data System, had a lack of documented internal controls in the system that increases the risk that Oregon will be unable to prevent or detectunauthorized access and...

We identified internal control weaknesses in the system that increase the risk that Virginia will be unable to prevent or detect unauthorized access and disclosure of personally identifiable information. Specifically, we found that although Virginia classified the Single Sign-on Web System as a...

We reported that FSA did not always accurately assess the operational status of the fully or partially operational functions, processes, and subprocesses. We also noted that FSA did not sufficiently document its validation assessments. As a result, there was a risk that FSA did not accurately assess...

we determined that that charter school relationships with charter management organizations posed a significant risk to Department program objectives. Specifically, we found that 22 of the 33 charter schools in our review had 36 examples of internal control weaknesses related to the charter schools’...

We found that the Department was complying with appropriate guidance and requirements and appeared to be on track for meeting its milestones. We did not find any evidence to indicate that the Department was not on track for implementing DATA Act reporting requirements by the May 2017 deadline. We...

We issued a management information report to the Department to highlight several areas of concern and some positive practices identified through our audits of SEA oversight of LEA single audit resolution. The results of our audits in the three States (Illinois, Massachusetts, andNorth Carolina)...

We found that the Institute of Education Sciences (IES) did not effectively implement Department requirements for the contractor personnel security screening process. We specifically noted weaknesses in IES’s development of internal policies and procedures, designation of contractpositions and...

We reported that the Indiana Department of Education did not provide adequate oversight to ensure that its system met minimum security requirements that included a creating System Security Plan, completing a compliance audit and risk assessment, and classifying its security level. We also reported...