Federal Reports

The objectives of our inspection were to describe 1. the involvement of the U.S. Department of Education (Department) in transactions among Education Management Corporation, Dream Center Education Holdings, LLC (Dream Center), Education Principle Foundation, and Studio Enterprise Manager, LLC, and the steps the Department took to protect students and taxpayers; 2. how the Department drew down and applied surety funds from letters of credit for Education Management Corporation and Dream Center and how the Department ensured that the surety funds were used in accordance with the terms of the provisional program participation agreements and any other requirements; and 3. how the Department ensured that Dream Center complied with requirements for drawing down and disbursing Title IV of the Higher Education Act of 1965, as amended (Title IV), program funds.During and after Federal Student Aid’s (FSA) preacquisition review, the Department identified significant financial risks associated with Dream Center’s purchase of 13 postsecondary schools, including Dream Center’s loss of the financial backing of an investor who was to provide at least 50 percent of the capital for the purchase, Dream Center’s lack of experience investing in or operating schools participating in the Title IV programs, potential cash flow issues, and more than a decade of failing financial health scores for all 13 schools.

The VA Office of Inspector General (OIG) conducted this review to determine whether Veterans Health Administration (VHA) contracting officers complied with mandates to ensure contractors account for and return their personnel’s personal identity verification (PIV) cards as required, such as at the end of a contract or employment. PIV cards are federally issued credentials used by authorized individuals to gain access to federal facilities and information systems. The Federal Acquisition Regulation (FAR) establishes that it is the contracting officer’s responsibility to ensure that contractor employees return all PIV cards they are issued. Unreturned cards increase risks for unauthorized access to VA facilities and information systems.The review team examined a random sample of 46 professional service and healthcare resource contracts. None of the reviewed contracts had adequate evidence to demonstrate FAR requirements were met. VHA contracting officers’ noncompliance with PIV card requirements occurred because they were unaware of their responsibilities and the requirements. In addition, VHA did not have policies or procedures detailing supervisory oversight of contracting officers’ duties regarding PIV cards, the internal audit office did not review compliance, and there was no automated tool for continuous tracking and monitoring of PIV cards issued to contractors’ personnel.The OIG made 10 recommendations to the under secretary for health to address deficiencies related to compliance with requirements for PIV cards issued to contractors’ personnel. Recommendations include ensuring all PIV cards are returned prior to contract closeout, outlining specific supervisory responsibilities for contracting officer oversight, and periodically reviewing contract compliance. The OIG also recommended VHA assess whether the existing and planned information systems could have the functionality to allow effective and routine monitoring of contractors’ PIV cards or a new system is needed.

We reviewed the U.S. Department of Housing and Urban Development’s (HUD) information technology (IT) modernization roadmap. A significant number of HUD’s mission-essential applications have not been modernized, which presents multiple sources of risk. These applications are hosted on legacy information systems and mainframe platforms, which are operationally inefficient, increasingly difficult to secure, and costly to maintain. Historically, HUD has failed to successfully implement multiple modernization plans and projects. Leadership changes with shifting priorities and insufficient funding pose potential risk to modernization. As a result, hundreds of millions of dollars in potential savings from modernization have not been realized, and security risks have remained. Our objectives were to (1) determine the extent to which HUD has developed an IT modernization roadmap and to report on its current and future state, (2) gain an understanding of HUD’s IT modernization strategy and priorities, and (3) assess the effectiveness of the roadmap and strategy.HUD’s recent efforts to modernize key IT systems that support its programs has been well managed and resulted in positive outcomes. HUD made significant progress with implementing its multiyear modernization roadmap; formalizing its strategy for converting to modern technology; and delivering improved information systems. HUD reported that these modernization efforts result in long-term cost savings and industry efficiencies. Prior IT modernization efforts often failed, costing millions of dollars and lost resources. HUD’s Office of the Chief Information Officer (OCIO) developed an enterprisewide IT modernization roadmap in April 2020. This roadmap includes initiatives within HUD program offices, enterprise capabilities, and improving technologies, such as migrating legacy mainframe platforms to modernized cloud technologies. The roadmap includes initiatives and timelines based on an agile approach, which allows HUD to deliver new functionality incrementally, maximize flexibility, and adjust to shifting program office modernization priorities. The Federal Housing Administration (FHA), Office of Public and Indian Housing (PIH), and mainframe modernization were identified as priority modernization initiatives. This evaluation report contains two recommendations and five opportunities for improvement to assist in continued successes for future modernization efforts.