Skip to main content
Report File
Date Issued
Submitting OIG
Department of Labor OIG
Agencies Reviewed/Investigated
Department of Labor
Report Number
22-25-003-13-001
Report Type
Audit
Agency Wide
Yes
Number of Recommendations
12
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No

Open Recommendations

This report has 12 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
001 Yes $0 $0

We recommend the Director of the Office of Workers’ Compensation Programs develop policies and procedures for the monthly quality control review, provide training to the control operators, and monitor that the reviews are performed in accordance with such policies and procedures.

002 Yes $0 $0

We recommend the Deputy Chief Financial Officer develop policies and procedures to ensure all non-GAAP policies are identified and reported to the Division of Financial Reporting timely.

003 Yes $0 $0

We recommend the Director of the Division of Federal Employees’, Longshore and Harbor Workers’ Compensation design and implement monitoring procedures to periodically review control activities for effectiveness and develop action steps as appropriate based on such results.

004 Yes $0 $0

We recommend the Assistant Secretary for ETA design and implement monitoring controls to ensure Federal Project Officer responses are obtained and reviewed for all delinquent cost reports.

005 Yes $0 $0

We recommend the Assistant Secretary for ETA design and implement monitoring controls to enforce current policies and procedures for Federal Project Officers to timely review cost reports.

006 Yes $0 $0

We recommend the Acting Chief Information Officer perform an analysis of the other operating system servers within the U.S. Department of Labor environment to determine if other servers were incorrectly configured.

007 Yes $0 $0

We recommend the Acting Chief Information Officer implement the proper configurations for the impacted operating system servers.

008 Yes $0 $0

We recommend the Acting Chief Information Officer configure the systems to adhere to the password requirements from the U.S. Department of Labor Cybersecurity Policy Portfolio.

009 Yes $0 $0

We recommend the Acting Chief Information Officer implement monitoring controls to periodically assess security configurations in the systems to determine adherence to the U.S. Department of Labor Cybersecurity Policy Portfolio.

010 Yes $0 $0

We recommend the Assistance Secretary for Administrations and Management and the Acting Chief Information Officer perform risk assessments in order to design and implement procedures for effective internal communication over access provisioning controls.

011 Yes $0 $0

We recommend the Assistance Secretary for Administrations and Management and the Acting Chief Information Officer design and implement controls to ensure the completeness and accuracy of the users and user roles used in the semi-annual privileged access reviews and reauthorizations.

012 Yes $0 $0

We recommend the Assistance Secretary for Administrations and Management and the Acting Chief Information Officer design and implement controls to monitor the deprovisioning of system users access to ensure such access is removed in accordance with DOL policies, and enforce adherence to DOL’s policies over the timely removal of inactive accounts.

Department of Labor OIG

United States