Tennessee Valley Authority OIG

The Office of the Inspector General is required by the Federal Information Security Modernization Act of 2014 (FISMA) to conduct an annual independent evaluation that determines the effectiveness of the information security program (ISP) and practices of its respective agency. Our objective was to...

We performed an audit of the Tennessee Valley Authority’s (TVA) Internet perimeter. Our objective was to identify cybersecurity weaknesses in TVA’s Internet perimeter through penetration testing. In summary, we identified some vulnerabilities in TVA’s internet perimeter. Specifically, we (1)...

The Office of the Inspector General included an audit of Tennessee Valley Authority’s (TVA) corporate contributions in our annual audit plan due to the potential reputational risk associated with contributions that do not comply with TVA policies and procedures. Our audit objective was to determine...

In response to requests from stakeholders, we scheduled an evaluation to determine if the Tennessee Valley Authority (TVA) complied with the 2016 Board Practice regarding memberships in external organizations.We found no evidence TVA was out of compliance with the TVA Memberships in External...

A TVA contractor’s employee improperly received $146,359 in Temporary Living Allowance payments by claiming a house as his personal residence in which he did not actually live. Rather, he lived in a different dwelling, in a different state, and rented-out the house he claimed as his personal...

A contractor employee received temporary living allowances of $80,857.70 to which he was not entitled. Contrary to what the contract employee claimed on his TLA applications, he did not have a qualifying dependent living at the claimed residence and did not incur substantially all of the expenses...

The Office of the Inspector General conducted a review of the Lagoon Creek Combustion Turbine (LCCT) Plant to identify factors that could impact LCCT’s organizational effectiveness. During the course of our evaluation, we identified behaviors that had a positive impact on LCCT; however, we also...

The Office of the Inspector General conducted a review of the Lagoon Creek Combined Cycle (LCCC) Plant to identify factors that could impact LCCC’s organizational effectiveness. During the course of our evaluation, we identified behaviors that had a positive impact on LCCC including positive...

Patching is the process for updating products and systems. Patches correct security and functionality problems in software and firmware. We performed an audit of the Tennessee Valley Authority’s (TVA) patching of Windows® desktops and laptops to determine if high-risk vulnerabilities on desktops and...