An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
Appalachian Regional Commission
Memorandum Report on Review of Center for Technology Enterprise, Inc.
We performed an interim audit of costs billed to TVA by a contractor for providing (1) modification and supplemental maintenance services at TVA nuclear plants (operating unit work) and (2) construction services for the restart of Browns Ferry Nuclear Plant (BFN) Unit 1. The scope of our review included $492.4 million of craft labor costs billed by the contractor through October 29, 2006, which had not previously been audited including: (1) $214 million for modification and supplemental maintenance services and (2) $278.4 million for the BFN Unit 1 services. In summary, we found TVA had been overbilled $1,986,254 because the contractor had (1) used a labor classification not provided for by TVA's contract, (2) miscalculated its payroll tax costs, (3) overpaid certain craft employees as a result of duplicate hours and ineligible double-time labor costs, and (4) misclassified some employees when it paid them. TVA management is planning to review the audit findings in detail to determine what amounts should be recovered from the contractor.
While TVA has taken several actions to better protect social security numbers (SSNs), we found opportunities to further protect or reduce the usage of SSNs that will lower the risk of exposure. TVA's Information Services has several initiatives under way to improve protection of SSNs. We are recommending several actions to further protect SSNs. Management agreed and has initiated corrective actions.
We initiated a special project to determine if (1) TVA's policies, procedures, and practices for handling lost or stolen computer equipment were adequate; (2) those policies, procedures, and practices were followed; and (3) the lost or stolen computers contained sensitive or restricted information. We found:TVA's policies, practices, and procedures for maintaining an accurate inventory of computer equipment were not adequate. Since the August 2004 implementation of the HP Service Desk (HPSD), which contains an inventory of TVA computers, TVA has been unable to track over 5,550 computers. The inability to adequately track, as well as the lack of encryption, on these computers increases the risk for the disclosure of sensitive or restricted information.The policies for handling/reporting stolen computers were not consistently followed. At least one of the stolen computers contained personally identifiable information-employee social security numbers. We have not been able to confirm whether the remaining stolen computers contained sensitive or restricted information, although we believe the risk is moderate.
