Federal Reports

We found the DOI can improve its oversight of tasers to reduce the risk of injury to the public and law enforcement officers.

Our objective was to determine the adequacy of National Institute of Standards and Technology's (NIST’s) oversight of MEP to ensure requirements are met. We found that NIST’s inadequate oversight of Hollings Manufacturing Extension Partnership has led to inefficient use of financial resources and concerns that recipients did not comply with key award terms. Specifically, we found NIST did notrequire Centers to use unexpended program income (UPI) during the award period and allowed Centers to retain substantial amounts of UPI from federal financial assistance awards; review executive salaries for reasonableness, resulting in Center executives receiving considerable salaries in excess of limits used by other federal agencies; andaddress potential conflicts of interest amongst recipients.

Our audit objective was to identify SWFO program challenges that may affect cost, schedule, or overall mission performance and assess the extent to which NOAA is addressing them. To satisfy our objective, we reviewed the SWFO program acquisition strategy, identified challenges in key program milestone activities, assessed program control activities, and analyzed selected issues and risks. We found that NOAA needs to ensure that SWFO-L1 has launch contingency options commensurate with its role as a critical, high-profile mission and that the SWFO program should improve its lessons learned processes and contract surveillance oversight. We also found that NOAA should update its space weather observation requirements in accordance with its validation criteria.

This audit report found that the FCC security programs were ineffective in seven of the nine metric domains. The contractor’s assessment of the overall maturity of each metric domain remained relatively consistent with the prior year. The Supply Chain Risk Management domain is the one metric domain that improved from the prior year. The FISMA evaluation report included eight findings with 21 recommendations intended to 2 improve the effectiveness of the FCC’s information security program controls. FCC management concurred with the findings.

The Office of Community Planning and Development (CPD) traditionally uses onsite monitoring to monitor its grantees. However, in response to the coronavirus disease 2019 pandemic, CPD shifted to 100 percent remote monitoring. Monitoring was momentarily paused in fiscal year (FY) 2020 and was reinstituted remotely in FY 2021.To support its remote monitoring approach, CPD launched the Grantee Document Exchange (GDX), an externally accessible portal application that allows grantees and CPD to securely share documents during monitoring sessions. CPD trained its employees on the remote monitoring process, including on GDX. In a survey that we conducted on CPD employees’ experiences using remote monitoring, most CPD employees reported that the guidance, mentoring, or technical support prepared them well to monitor remotely. CPD’s Office of Field Management (OFM) delegated the responsibility of training grantees on remote monitoring to their respective field offices. Additionally, OFM issued materials with instructions to grantees on how to use GDX. Overall, most CPD employees found remote monitoring to be somewhat or very effective in achieving CPD’s monitoring objective. However, CPD employees faced challenges and limitations with remote monitoring related to safeguarding personally identifiable information, the duration of remote monitoring sessions, and the ability to verify physical assets effectively.Going forward, CPD has opportunities to use remote monitoring judiciously and provide its employees with additional guidance on how to use remote monitoring to further its monitoring objectives. In CPD’s formal comments, CPD indicated that it had begun taking action in this direction.

EAC OIG audited EAC’s testing and certification program. The Help America Vote Act established requirements for EAC to provide for the “testing, certification, decertification, and recertification of voting system hardware and software by accredited laboratories.”