Federal Reports

While TVA has taken several actions to better protect social security numbers (SSNs), we found opportunities to further protect or reduce the usage of SSNs that will lower the risk of exposure. TVA's Information Services has several initiatives under way to improve protection of SSNs. We are recommending several actions to further protect SSNs. Management agreed and has initiated corrective actions.

We initiated a special project to determine if (1) TVA's policies, procedures, and practices for handling lost or stolen computer equipment were adequate; (2) those policies, procedures, and practices were followed; and (3) the lost or stolen computers contained sensitive or restricted information. We found:TVA's policies, practices, and procedures for maintaining an accurate inventory of computer equipment were not adequate. Since the August 2004 implementation of the HP Service Desk (HPSD), which contains an inventory of TVA computers, TVA has been unable to track over 5,550 computers. The inability to adequately track, as well as the lack of encryption, on these computers increases the risk for the disclosure of sensitive or restricted information.The policies for handling/reporting stolen computers were not consistently followed. At least one of the stolen computers contained personally identifiable information-employee social security numbers. We have not been able to confirm whether the remaining stolen computers contained sensitive or restricted information, although we believe the risk is moderate.

We audited $22.1 million of costs paid by TVA to a contractor for construction and modification services at TVA facilities. In summary, we foundAn estimated $20.8 million billed by the contractor for craft augmentation labor using hourly billing rates was inflated by approximately $619,000 because the contractor's billing rates included (a) overstated payroll tax costs and (b) calculation errors; andThe contractor billed TVA $25,658 for subcontract services it had not incurred. We recommended TVA management recover the inflated and overbilled costs and take steps to ensure the contractor's billing rates for craft augmentation labor are reasonable based on the company's actual costs. Summary Only

We completed agreed-upon procedures to assist the Center for Resource Solutions (CRS) in determining TVA's compliance with the annual reporting requirements of CRS' Green Pricing Accreditation Program for the year ended December 31, 2007. The required information on TVA's renewable energy initiative, "Green Power Switch," was provided to CRS. No exceptions were identified. Summary Only

ED OIG Semiannual Report 56 Final 508

EAC OIG audited $19.3 million in funds received by the New Mexico Secretary of State under the Help America Vote Act. The objectives of the audit were to determine whether the Secretary of State (1) expended HAVA payments in accordance with the Act and related administrative requirements and (2) complied with the HAVA requirements for establishing an election fund, meeting its matching share requirement, and maintaining state expenditures for elections at a level not less than the level expended in fiscal year 2000.

We determined that TCI met requirements in the HEA and regulations for institutional (excluding the 90/10 rule), program, and student eligibility and for award calculations. However, our review disclosed that (1) TCI improperly paid $440,487 to FFEL lenders to pay off its students’ loans and prevent their default; and (2) TCI had internal control deficiencies in the administration of Title IV programs during the period under review.