The objective of our audit was to determine whether FSA was effectively implementing the Fostering Undergraduate Talent by Unlocking Resources for Education (FUTURE) Act and the FAFSA Simplification Act provisions pertaining to Federal Tax Information (FTI) through the Student Aid and Borrower Eligibility Reform Initiative (SABER) initiative. Our audit covered December 19, 2019 (when the FUTURE Act was enacted) through May 31, 2023. We found that FSA did not effectively implement the FUTURE Act and the FAFSA Simplification Act provisions pertaining to FTI through the SABER initiative. Overall, FSA did not effectively perform implementation activities for the four FTI-related SABER systems that we reviewed in accordance with some of the processes for monitoring project costs and budgets, monitoring contracts, and managing risks that FSA established as part of an effective systems implementation framework because it did not always perform key steps or could not provide sufficient evidence to support completion of such key steps. Specifically, these key steps pertained to FSA’s establishing and monitoring of the systems’ costs and budgets, its performance oversight of the contractors responsible for implementing the systems, and its management of the risks, decisions, and issues pertaining to the systems’ implementation. For the Internal Revenue System (IRS) Publication 1075 “Tax Information Security Guidelines for Federal, State, and Local Agencies” security requirements that the IRS required FSA to implement prior to allowing the transfer of FTI to FSA systems, we found that FSA established and followed a plan to ensure that the security requirements were implemented. Additionally, we found that FSA adhered to its change management process for two FTI systems for which we tested a sample of one contract modification for each.
Open Recommendations
| Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
|---|---|---|---|---|---|
| 1.1 | Yes | $0 | $0 | ||
| We recommend that the Chief Operating Officer of FSA ensure that budget requests and lifecycle cost estimates forSABER-related projects are submitted and approved according to FSA’s Management Review 1 SOP and FSA’s otherestablished policies and procedures, and that they are properly maintained. | |||||
| 1.2 | Yes | $0 | $0 | ||
| We recommend that the Chief Operating Officer of FSA ensure that FSA Acquisition officials follow the Department’sContract Monitoring Directive, specifically pertaining to COR Appointment Memorandums, deliverable monitoring, contractpayment records, contract monitoring plans, and QASPs for the FTI SABER system contracts we reviewed. | |||||
| 1.3 | Yes | $0 | $0 | ||
| We recommend that the Chief Operating Officer of FSA ensure that all future SABER-related contract deliverables,including the FTI Infrastructure deliverables, are clearly defined in the contracts, related modifications, or as anattachment to contracts and related modifications to ensure proper tracking, monitoring, and contractor performance. | |||||
| 1.4 | Yes | $0 | $0 | ||
| We recommend that the Chief Operating Officer of FSA clearly define who is responsible for supervising each part of theCOR’s performance for SABER-awarded contracts and hold the contracting officers accountable for the overall monitoringof the contracts awarded by FSA, including the FTI Module, FTI SAIG, and FTI Infrastructure contracts. | |||||
| 1.5 | Yes | $0 | $0 | ||
| We recommend that the Chief Operating Officer of FSA require that the data fields that FSA defines as primary in theSABER risk registers be completed as appropriate, and data fields in decision logs be completed. | |||||
| 1.6 | Yes | $0 | $0 | ||
| We recommend that the Chief Operating Officer of FSA fix the technical issues to reduce data loss in SABER riskregisters and other risk registers. | |||||
