An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
National Archives and Records Administration
Audit of NARA's Office of Human Capital Hiring Practices
Risk Assessment of the Utah Office for Victims of Crime Subrecipient Monitoring Activities for the Office of Justice Programs Victim Assistance Grants, Salt Lake City, Utah
Our Objective(s)
To determine (1) whether Cherry Bekaert LLP's work complied with the Single Audit Act of 1984, as amended, and the Office of Management and Budget's Uniform Guidance, and the extent to which we could rely on the auditor's work on the U.S. Department of Transportation's (DOT) major program, and (2) whether the Chesapeake Bay Bridge and Tunnel District's (CBBT) reporting package complied with the reporting requirements of the Uniform Guidance.
About This Report
During the fiscal year that ended on June 30, 2023, CBBT expended approximately $338.5 million from a DOT program. Cherry Bekaert determined DOT's major program was OST's Transportation Infrastructure Finance and Innovation Act program. We performed a quality control review on the single audit conducted by Cherry Bekaert to verify compliance with all Federal laws and regulations.
The independent public accounting firm of RMA Associates, LLC, under contract with the Office of Inspector General, audited the EAC’s information security program for fiscal year 2025 in support of the Federal Information Security Modernization Act of 2014 (FISMA). The objective was to determine whether the EAC implemented an effective information security program.
The DoD and Department of State OIG Joint Audit of U.S. Assistance Provided in Support of Ukraine Through the Foreign Military Financing Program (Full Report is CUI)
This report presents a review of the U.S. Postal Regulatory Commission’s (PRC) information security program and practices for fiscal year (FY) 2025. The Federal Information Security Modernization Act, amended in 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies’ information security programs and report the results to the Office of Management and Budget.
In September 2025, the OIG issued a special report on the Peace Corps’ Information Technology environment. OIG contracted with technical subject matter experts to conduct three cybersecurity tests from January 2025 to March 2025. The three tests included a simulated phishing campaign, a review of the agency’s internal vulnerability management practices, and penetration tests that targeted critical Peace Corps systems.
While observing the agency’s security processes throughout the assessment, OIG found that the Peace Corps’ monitoring capabilities were able to identify the testing activities and demonstrate its incident response procedures. However, the cybersecurity tests also uncovered multiple vulnerabilities and misconfigurations, ranging from informational issues to critical severity risks that the Peace Corps needs to review and address.
