Federal Reports

The Office of the Inspector General (OIG) performed procedures that were requested and agreed to by Tennessee Valley Authority (TVA) management solely to assist management in determining the validity of the Winning Performance/Executive Annual Incentive Plan (WP) Measures for fiscal year (FY) ending September 30, 2019. The WP Measures data provided to the OIG and to which the agreed-upon procedures were applied is the responsibility of TVA management. In summary, procedures applied by the OIG found: • The FY 2019 WP goals for the enterprise measures were properly approved. One change form was approved on November 9, 2018, and clarified the definition sheet methodology for calculating the goals for one of the measures. However, this change form did not impact the overall measure, weight, and goals of that measure. Another change form was approved on January 22, 2019, and affected one measure.• The FY 2019 goals (target) for the corporate multiplier measures were properly approved. • The actual FY to-date results for the enterprise measures agreed with the underlying support, without exception.• The actual FY to-date results for the corporate multiplier measures agreed with the underlying support, without exception.• The FY 2019 WP payout percentage provided by the Benchmarking and Enterprise Performance organization on November 6, 2019, was mathematically accurate and agreed with the OIG’s recalculation.

Audit of FTC Expert Witness Services (redacted)

This Comprehensive Healthcare Inspection Program provides a focused evaluation of the quality of care delivered at the James A. Haley Veterans' Hospital, covering leadership, organizational risks, and key processes associated with promoting quality care. For this inspection, areas of focus were Quality, Safety, and Value; Medical Staff Privileging; Environment of Care; Medication Management: Controlled Substances Inspections; Mental Health: Military Sexual Trauma Follow-Up and Staff Training; Geriatric Care: Antidepressant Use among the Elderly; Women’s Health: Abnormal Cervical Pathology Results Notification and Follow-Up; and High-Risk Processes: Emergency Department and Urgent Care Center Operations.The facility’s leadership team had been working together for almost seven months, although several had served in their positions for years. Selected survey scores related to employee satisfaction with the facility’s leaders and patient experience survey data revealed scores related to satisfaction with the facility were similar to or better than the VHA averages. The OIG did not identify any substantial organizational risks. The leaders who were permanently assigned were knowledgeable within their scope of responsibility about selected SAIL and SAIL CLC metrics but the leadership team should continue to take actions to sustain and improve performance measures contributing to the SAIL “4-star” and CLC “2-star.”The OIG issued seven recommendations for improvement in the following areas:(1) Medical Staff Privileging• Focused professional practice evaluation (including for cause) processes• Ongoing professional practice evaluation(2) Medication Management: Controlled Substances Inspections• Monthly reviews of automatic dispensing cabinet override reports(3) Mental Health: Military Sexual Trauma Follow-up and Staff Training• MST training(4) Geriatric Care: Antidepressant Use among the Elderly• Patient/caregiver education and understanding of medications• Medication reconciliation(5) Women’s Health: Abnormal Cervical Pathology Results Notification and Follow-Up• Women Veterans Health Committee core membership

The VA Office of Inspector General (OIG) conducted this review to determine whether the Veterans Benefits Administration’s (VBA) Records Management Center disclosed third-party information (including social security numbers of other service members and medical professionals) when responding to Privacy Act requests. The act requires VBA to let beneficiaries review their claims files and have copies made. Many VBA records include third-party information, which had been redacted until a May 2016 policy change. VBA changed the policy that month because the redaction requirement was a major contributor to its massive requests backlog. Redaction also interfered with VBA’s plans to give veterans online access to their records. The May 2016 policy change did not require third parties to be notified when their information was released, meaning individuals at risk of identity theft might not be aware of that risk. VBA also did not communicate the policy change to veterans and service members. The OIG also found VBA put individuals at risk by not following procedures to encrypt sensitive information on discs mailed to veterans.The review of a random sample of 30 Privacy Act responses found 1,027 unrelated third party names and social security numbers. The OIG determined those disclosures raised legal concerns and estimated that responses under the May 2016 policy put millions of people at risk of identity theft. VA’s Office of General Counsel, however, had provided VBA with legal support for the policy change, despite the risk.The OIG asked the under secretary for benefits in a December 11, 2018, memo to immediately suspend VBA’s release policy and reevaluate the Privacy Act request program. After initially rejecting the request, the under secretary responded on June 19, 2019, saying VBA concluded that a policy update was necessary, and redactions would resume by October 1, 2019.

We contracted with Williams, Adley & Company-DC, LLC, an independent certified public accounting firm (CPA firm), to audit the financial statements of the National Endowment for the Arts (Arts Endowment) for the fiscal year ended September 30, 2019. In the Independent Auditors' Report, the CPA firm concluded that Arts Endowment’s financial statements were fairly presented in all material respects and thereby issued an unmodified opinion on those statements. In the Report on Internal Control, the CPA firm did not identify any deficiencies. However, the CPA firm noted a matter related to missing approval for personnel actions. This matter is further communicated in the Management Letter (MLC-2019-01). In the Report on Compliance, the CPA firm concluded that there were no instances of noncompliance by the Arts Endowment with applicable laws and regulations that have a material effect on the financial statements insofar as they relate to accounting matters.

What We Looked AtWe contracted with the independent public accounting firm KPMG LLP to audit the Federal Aviation Administration’s (FAA) financial statements as of and for the fiscal years ended September 30, 2019, and September 30, 2018, and to report on internal control over financial reporting and compliance with laws and other matters. The contract requires the audit to be performed in accordance with U.S. generally accepted Government auditing standards, Office of Management and Budget audit guidance, and the Governmental Accountability Office’s and Council of the Inspectors General on Integrity and Efficiency’s Financial Audit Manual. In connection with the contract, we performed a quality control review of KPMG’s report dated November 9, 2019, and related documentation, and inquired of its representatives. What We FoundOur quality control review disclosed no instances in which KPMG did not comply, in all material respects, with U.S. generally accepted Government auditing standards. RecommendationsFAA concurred with KPMG’s seven recommendations. We agree with KPMG’s recommendations and are not making any additional recommendations.