An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
Department of Commerce
Evaluation of NIST’s Management of the National Vulnerability Database
Identifying and resolving security flaws and weaknesses in IT infrastructure—known as vulnerability management—helps prevent cyberattacks, data breaches, and system disruptions. The National Vulnerability Database (NVD), maintained by the National Institute of Standards and Technology (NIST), provides data for vulnerability management to cybersecurity professionals in the public and private sectors. A backlog of unprocessed vulnerabilities began in February 2024 and continued to grow, undermining the NVD’s utility and public trust.
Our objective was to evaluate the effectiveness and sustainability of NIST’s processes for managing cybersecurity vulnerabilities submitted to the NVD, including the long-term effectiveness of NIST’s strategy for reducing its vulnerability backlog and its measures to prevent future processing delays. NIST considers the NVD a key piece of the U.S. cybersecurity infrastructure, but its actions to resolve the growing backlog did not reflect that characterization. We found that NIST did not have sustainable processes to manage NVD submissions and would be unable to clear the backlog of unprocessed vulnerabilities or prevent future processing delays without significant changes.
We made six recommendations to help NIST manage and establish priorities for the NVD, improve the efficiency and sustainability of enrichment processes, and ensure the best use of government resources.
This statutory report presents the activities and accomplishments of the OIG from October 1, 2025, through March 31, 2026. The audits, investigations, and related work highlighted in the report are products of our mission to identify and stop fraud, waste, and abuse; and promote accountability, efficiency, and effectiveness through our oversight of the Department’s programs and operations.
The independent public accounting firm of Allmond & Company, LLC, under contract with the Office of Inspector General, audited Help America Vote Act (HAVA) grants administered by the Mississippi Secretary of State's Office, totaling $15.07 million. This included federal funds, state matching funds, and interest income earned on the Election Security and Reissued Section 251 grants.
The National Security Agency (NSA) Office of the Inspector General (OIG) publicly released an unclassified version of its Semiannual Report (SAR) to Congress summarizing the OIG’s oversight work during the first half of fiscal year 2026.
As required by the Inspector General Act of 1978, as amended, the SAR was transmitted to Congress on 22 May 2026.
We determined that the Rural Housing Service did not consistently perform timely servicing of multi-family housing projects we reviewed in the Midwest Region, which is essential to ensure that borrowers provided rental residents with safe and sanitary housing.
To evaluate single audit reports uploaded to the Federal Audit Clearinghouse between January 1, 2026, and March 31, 2026, and identify findings that affect directly awarded Department of Transportation (DOT) programs.
Why This Audit
OIG performs oversight of independent, non-Federal auditors' single audit reports. Over the past 3 fiscal years, on average over 200 single audit reports were issued that included findings related to programs directly funded by DOT. We issue memoranda that summarize these reports' significant findings and recommendations that require priority action by DOT. When warranted, we also recommend that DOT recover funds inappropriately expended by non-Federal entities.
What We Found
Auditors reported 26 findings related to 17 grantees that included significant noncompliance with Federal guidelines requiring prompt action from DOT's Operating Administrations.
Of the 26 findings, 8 were repeat findings related to 6 grantees.
Auditors identified questioned costs totaling $2,703,783 for five grantees.
Of this amount, $1,148,672 was related to the Northern Arizona Intergovernmental Public Transportation Authority, Flagstaff, AZ, and $971,676 was related to the Confederated Tribes of the Colville Reservation, Nespelem, WA.
We identified nonmonetary repeat findings that caused qualified opinions for four grantees.
Recommendations
We made 3 recommendations to strengthen OST oversight of non-Federal entities and determine the allowability of questioned costs.
