Federal Reports

This report transmits the results of the Federal Election Commission Office of the Inspector General fiscal year (FY) 2025 annual review of the FEC's compliance with the Payment Integrity Information Act of 2019 (PIIA).

The Department of Homeland Security Office of Intelligence and Analysis (I&A) and Office of the Chief Information Officer (OCIO) did not effectively manage and secure I&A mobile devices, resulting in vulnerabilities and a higher risk of cyberattacks, unauthorized access to sensitive information, and waste. • Two I&A-developed apps used to share intelligence with law enforcement and first responders had three vulnerabilities known to I&A but not remediated, risking exploitation.  • 76 percent of apps installed on I&A mobile devices pose security risks, are prohibited, or allow prohibited activities. • I&A and OCIO did not ensure I&A devices were authorized and protected for use outside of the United States, increasing the risk of exploitation by foreign adversaries. • I&A accounted for only 11 percent of mobile devices recorded in OCIO’s asset management system as issued to I&A staff, and OCIO did not properly sanitize disposed-of I&A mobile devices, risking protection of sensitive information.  • 27 percent of mobile device and 44 percent of mobile device management system security settings did not comply with DHS requirements, exposing devices to cybersecurity risks such as unauthorized access and data breaches. These deficiencies occurred in part because I&A did not address known vulnerabilities in mobile apps.  Additionally, OCIO did not establish or enforce security policies and procedures for mobile devices and supporting infrastructure, and in some cases had not identified vulnerabilities.  Also, I&A’s foreign travel policy was outdated, and OCIO had not implemented separate security controls for I&A devices used for international travel.   Data Access: OCIO denied us direct access to ServiceNow, which precluded an independent, comprehensive review of the data. 

Why We Did This Report

We conducted this audit to determine whether the Environmental Finance Centers, which are funded by annual and Infrastructure Investment and Jobs Act appropriations and perform work in EPA Region 4 states, are accomplishing the outputs and outcomes established in their cooperative agreements.

Summary of Findings

We found that six out of the eight Environmental Finance Centers, or EFCs, that provided technical assistance, or TA, in EPA Region 4 exceeded their target output for the number of communities receiving TA over the first year of performance under their cooperative agreements.

Why We Did This Report

We conducted this evaluation to identify state-level trends in Resource Conservation and Recovery Act enforcement data for large quantity generators from 2020 through 2024.

Summary of Findings

From 2020 through 2024, the EPA and some authorized states did not fully meet their commitment to inspect all large quantity generators, or LQGs, within that five-year period.

From 2020 through 2024, the Department of Homeland Security, through the DHS Science and Technology Directorate (S&T), contracted with N5 Sensors, Inc. (N5) to develop and deploy wildfire detection sensors that did not consistently detect fires or alert state and local partners to aid response efforts.  Failure to detect wildfires early and notify first responders can result in the increased loss of life and property, and otherwise avoidable costs associated with rebuilding damaged communities.   Both technological limitations and environmental factors caused wildfire sensor issues.  The wildfire sensors required additional training and operational data to improve AI algorithms for fire detection.  Wind speed and direction also negatively impacted the performance of wildfire sensors.   S&T’s contract with N5 ended on December 31, 2024.  As of April 2025, the S&T had no plans to further fund wildfire sensor detection technologies.