Federal Reports

At the request of the Tennessee Valley Authority's (TVA) Supply Chain, we examined the cost proposal submitted by a company for performance of nonnuclear modification and supplemental maintenance services. Our examination objective was to determine if the company's cost proposal was fairly stated for a planned 5-year, $386 million contract.In our opinion, the company's cost proposal was overstated. Specifically, we found (1) the application base for the company's proposed markup rate for the recovery of general and administrative (G&A) costs did not reflect TVA's intent, (2) the company's proposed markup rate for the recovery of workers' compensation and general liability costs exceeded the markup rate provided for in TVA's request for proposal (RFP), and (3) the company's proposed markup rate for the recovery of noncraft payroll tax costs was overstated compared to recent actual costs. We estimated TVA could avoid about $54.29 million over the planned $386 million contract by (1) requiring the company's G&A markup rate to be applied to unburdened noncraft wages to more accurately reflect TVA's intent for reimbursing G&A costs, (2) negotiating revised workers' compensation and general liability insurance markup rates to comply with the RFP requirements, and (3) revising the contract to provide for reimbursement of actual noncraft payroll tax costs. (Summary Only)

This report contains information about recommendations from the OIG's audits, evaluations, reviews, and other reports that the OIG had not closed as of the specified date because it had not determined that the Department of Justice (DOJ) or a non-DOJ federal agency had fully implemented them. The list omits information that DOJ determined to be limited official use or classified, and therefore unsuitable for public release.The status of each recommendation was accurate as of the specified date and is subject to change. Specifically, a recommendation identified as not closed as of the specified date may subsequently have been closed.

This report communicates the results of the Fiscal Year 2022 Federal Trade Commission Office of Inspector General review of the FTC’s compliance with the Payment Integrity Information Act of 2019 (PIIA) (Public Law 116-117).

The fiscal year 2022 FISMA evaluation concluded that AmeriCorps’ information security program remains ineffective. Control weaknesses in the following areas prevent AmeriCorps’ cybersecurity program from maturing: (1) mobile devices, (2) IT asset inventory management, (3) vulnerability and patch management program, (4) Personal Identity Verification (PIV) multifactor authentication, (5) performance measures, (6) security assessments and (7) contingency planning. AmeriCorps has not made significant progress in implementing prior FISMA recommendations: it has implemented only 12 of the 42 open recommendations from the FY 2017- FY 2021 FISMA evaluations. The failure to address critical deficiencies leaves AmeriCorps systems and data vulnerable to breach, which may expose sensitive information, including Personally Identifiable Information, to unauthorized access, use, and disclosure. Implementing more of these recommendations will help AmeriCorps to mature its information security program and bring it closer to effectiveness. AmeriCorps concurred with the three new recommendations in our report, which together with the 30 remaining prior year recommendations, will assist AmeriCorps in developing a mature and effective information security program. The full report contains a summary and evaluation of management’s response.