Federal Reports

What We Looked AtWe performed a quality control review (QCR) on the single audit that FORVIS, LLP performed for the Indianapolis Airport Authority’s (IAA) fiscal year that ended December 31, 2021. During this period, IAA expended approximately $48.5 million from a U.S. Department of Transportation (DOT) grant program, the Federal Aviation Administration’s Airport Improvement Program, which FORVIS determined was a major program. Our QCR objectives were to determine (1) whether the audit work complied with the Single Audit Act of 1984, as amended, and the Office of Management and Budget’s Uniform Guidance, and the extent to which we could rely on the auditors’ work on DOT’s major program; and (2) whether IAA’s reporting package complied with the reporting requirements of the Uniform Guidance. What We FoundIn our QCR, we determined that FORVIS’ audit work complied with the requirements of the Single Audit Act, the Uniform Guidance, and DOT’s major program. We found nothing to indicate that FORVIS’s opinion on DOT’s major program was inappropriate or unreliable. In addition, we did not identify deficiencies in IAA’s reporting package that required correction and resubmission.

We found the DOI can improve its oversight of tasers to reduce the risk of injury to the public and law enforcement officers.

Our objective was to determine the adequacy of National Institute of Standards and Technology's (NIST’s) oversight of MEP to ensure requirements are met. We found that NIST’s inadequate oversight of Hollings Manufacturing Extension Partnership has led to inefficient use of financial resources and concerns that recipients did not comply with key award terms. Specifically, we found NIST did notrequire Centers to use unexpended program income (UPI) during the award period and allowed Centers to retain substantial amounts of UPI from federal financial assistance awards; review executive salaries for reasonableness, resulting in Center executives receiving considerable salaries in excess of limits used by other federal agencies; andaddress potential conflicts of interest amongst recipients.

Our audit objective was to identify SWFO program challenges that may affect cost, schedule, or overall mission performance and assess the extent to which NOAA is addressing them. To satisfy our objective, we reviewed the SWFO program acquisition strategy, identified challenges in key program milestone activities, assessed program control activities, and analyzed selected issues and risks. We found that NOAA needs to ensure that SWFO-L1 has launch contingency options commensurate with its role as a critical, high-profile mission and that the SWFO program should improve its lessons learned processes and contract surveillance oversight. We also found that NOAA should update its space weather observation requirements in accordance with its validation criteria.

This audit report found that the FCC security programs were ineffective in seven of the nine metric domains. The contractor’s assessment of the overall maturity of each metric domain remained relatively consistent with the prior year. The Supply Chain Risk Management domain is the one metric domain that improved from the prior year. The FISMA evaluation report included eight findings with 21 recommendations intended to 2 improve the effectiveness of the FCC’s information security program controls. FCC management concurred with the findings.