Federal Reports

What We Looked AtAs the Federal Aviation Administration’s (FAA) operational arm, Air Traffic Organization (ATO) is responsible for providing safe and efficient air navigation services in U.S. controlled airspace. ATO provides air navigation services in over 17 percent of the world’s airspace and includes large portions of international airspace over the Atlantic and Pacific Oceans and the Gulf of Mexico. Until recently, FAA ATO had never applied the high-impact security categorization rating to any of its information systems. While many of these systems provide safety-critical services and would have adverse high impact to FAA’s mission in the event of system failure, and on the safety and efficiency of the National Airspace System (NAS), FAA categorized all of them as low or moderate. Given the importance of ATO’s information systems to air traffic control security and traveler safety, we initiated this audit. Our audit objectives were to assess (1) FAA’s information system categorization process and (2) the security controls that FAA has selected for the systems it recently re-categorized as high impact. Our RecommendationsFAA concurred with all six of our recommendations to enhance FAA’s categorization process, and mitigate security risks until the Agency selects and implements high security controls for its re-categorized high-impact systems. THE DEPARTMENT HAS DETERMINED THAT THIS REPORT CONTAINS SENSITIVE SECUITY INFORMATION (SSI) that is controlled under 49 CFR parts 15 and 1520 to protect Sensitive Security Information exempt from public disclosure. For U.S. Government agencies, public disclosure is governed by 5 U.S.C. § 552 and 49 CFR parts 15 and 1520. SSI will be redacted from the report version posted on our website.

The objective of the performance audit was to determine whether the Procurement List (PL) addition process was transparent and performed efficiently, effectively, and in compliance with applicable laws, regulations, and policies.To answer the audit objective, the auditors interviewed key officials and reviewed all PL additions and PL transaction data during fiscal years (FY) 2018, 2019, and 2020. The team also assessed 1) the effectiveness of the policies, procedures, and practices employed when approving the addition or removal of products and services to or from the PL, 2) Central Nonprofit Agency (CNA) processes for producing and providing PL addition packages, and 3) how the Procurement List Information Management System (PLIMS) supports the processing of additions to and deletions from the PL.Overall, the performance audit concluded that, in general, the PL additions process complied with applicable laws and regulations, and that the Commission has improved its guidance to the CNAs regarding the submission of transaction packages to PLIMS, which led to improvements in the approval rates of PL addition packages and reduced overall PL addition cycle time. There were also improvement opportunities in four areas of the Commission’s process for completing PL additions.The report offers 13 recommendations to help the Commission improve its controls over the PL additions process as well as improve the efficiency and effectiveness of the process in helping the Commission achieve its policy goals.

This report presents the results of our audit of the Vehicle, Fuel, and Oil Expenses – Birmingham, AL, Woodlawn Station Post Office. The Woodlawn Station Post Office is in the Alabama-Mississippi District of the Southern Area. This audit was designed to provide U.S. Postal Service management with timely information on potential financial control risks at Postal Service locations.

The objectives were to (1) identify Old-Age, Survivors and Disability Insurance beneficiaries whose benefits may have been affected by State or local government pensions and (2) determine whether the Agency implemented recommendations from our 2011 report.