Federal Reports

A Yard Conductor based in Washington, D.C., was terminated on April 29, 2021, for excessive consecutive days of absence without authority. The employee was arrested on April 6, 2021, and remained in custody for at least a week on several charges. The case is pending in the United States District Court, District of Columbia.

The Federal Information Security Modernization Act (FISMA) requires annual evaluations of the information security program at each federal agency. The Department of Homeland Security and the Office of Management and Budget review the results, which are part of a report to Congress on agencies’ compliance with FISMA.The VA Office of Inspector General (OIG) contracted with an independent public accounting firm to assess VA’s information security program for fiscal year (FY) 2020. CliftonLarsonAllen LLP evaluated 48 major applications and general support systems hosted at 24 VA sites that support VA’s three administrations.The firm concluded that VA continues to face significant challenges meeting FISMA requirements and made 26 recommendations for improving VA’s information security program. Specifically, VA should address security-related issues that contributed to the information technology material weakness reported in the FY 2020 audit of VA’s consolidated financial statements, improve deployment of security patches, system upgrades, and system configurations that will mitigate significant security vulnerabilities and enforce a consistent process across all field offices. The firm also recommended VA improve performance monitoring to ensure controls are operating as intended at all facilities and communicate identified security deficiencies so the appropriate personnel can mitigate significant risks.Two recommendations from previous years were closed, and three new recommendations were added. Some recommendations were modified or not closed because relevant information security control deficiencies were repeated. Despite VA’s commitment that the recommendations would be closed, some of them have been repeated for multiple years.CliftonLarsonAllen LLP will follow up on the outstanding recommendations in the FY 2021 audit of VA’s information security program. The OIG remains concerned that continuing delays in effectively addressing the recommendations could contribute to reporting a material weakness in VA’s information technology security controls during the FY 2021 audit of the department’s consolidated financial statements.

The Postal Service reported processing and delivering record numbers of ballots during the 2020-2021 election season — over 135 million ballots. Within that total were ballots of international origin, including 62,139 for the general election and 1,055 for the Georgia Senate runoffs. These figures included only those mailings with trackable barcodes processed for either the general election or the subsequent Georgia Senate runoff elections. The total number of ballots processed without a barcode is unknown. Our objective was to evaluate the Postal Service’s international mail operations during the 2020 general election and the state of Georgia Senate runoff elections.