Federal Reports

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

This is an annual report to Congress regarding the U.S. Consumer Product Safety Commission’s (CPSC) efforts to prevent and protect trafficking victims in 2025 in accordance with the Trafficking Victims Prevention and Protection Reauthorization Act of 2022.

Our objective was to determine whether the U.S. Census Bureau has implemented adequate data collection procedures to ensure that American Community Survey (ACS) estimates are reliable. We found that the bureau did not effectively implement its data collection and quality control procedures to ensure that ACS estimates were reliable. We also found that the bureau did not sufficiently monitor ISR data collection procedures and did not effectively implement personal visit data collection and quality control procedures.  

The objective of this audit was to determine whether the Farm Credit Administration has designed and implemented appropriate controls over its Emergency Operations Center.

During fiscal year (FY) 2025, the Office of Inspector General (OIG) conducted cybersecurity reviews to determine whether the Department of Energy’s unclassified cybersecurity program was implemented in accordance with Federal and Department requirements. The OIG also performed the audit, The Department of Energy’s Fiscal Year 2025 Consolidated Financial Statements, which included test work over controls related to information technology.

The management letter discusses the results of cybersecurity reviews conducted by the OIG in FY 2025 and the results of our Federal Information Security Modernization Act of 2014 evaluation.

The OIG issued 33 cybersecurity findings (including 13 repeat prior year findings) to Department sites and programs related to information technology controls. However, three of those prior year findings, along with their recommendations, are being tracked in other OIG issued reports. Additionally, the audit, The Department of Energy’s Fiscal Year 2025 Consolidated Financial Statements, identified a significant deficiency related to access controls over various Department financial systems. The findings that led to the significant deficiency are included within this report.

The weaknesses occurred for a variety of reasons. For instance, deficiencies related to access controls occurred, in part, due to management not responding to changes in risks or identifying risks associated with inappropriate or unnecessary access to systems.

Without improvements to address the weaknesses identified in our report, the Department may be unable to adequately protect its information systems and data from compromise, loss, or unauthorized modification.