Federal Reports

To ensure the continued operations of the International Space Station and the safety of the crew, NASA and its spacesuit support contractor must ensure the suits used for spacewalks, designed more than 50 years ago, are well-maintained and reliable. The contractor, Collins Aerospace, has struggled to ensure sufficient life support components for the suits are delivered when needed and within budget and that meet quality expectations. While Collins’ performance over the last several years has declined, NASA has limited leverage to incentivize improved performance.

The VA Office of Inspector General (OIG) conducted a healthcare inspection to determine whether leaders and staff followed required procedures related to suspected elder abuse of a community living center (CLC) resident at the St. Albans VA Medical Center in Queens, part of the VA New York Harbor Healthcare System (system). 

The OIG determined leaders and staff failed to follow procedures to report suspected abuse. A nursing assistant witnessed another nursing assistant allegedly abuse a resident but failed to immediately notify a supervisor, due to being “scared.” Nursing leaders and staff did not immediately ensure the resident’s safety, and did not report the suspected abuse to a unit social worker, VA Police, the resident’s family, and the New York State Department of Health. A nurse practitioner evaluated bruises on the resident and did not document a complete physical exam, consider whether the bruises were related to abuse, or inform the resident’s family. Staff described a culture of silence in the CLC in which staff generally did not report, or underreported, patient safety incidents due to fear of reprisal or administrative burdens. 

Leaders conducted two factfinding investigations into the alleged abuse; however, neither factfinding was thorough, which led to inaccurate conclusions. Factfinding 2 was completed approximately five months after the alleged abuse, exceeding a 14-day completion requirement. An accurate conclusion would have indicated the allegation of patient abuse was plausible and required system leaders to conduct an administrative investigation board. 

The OIG found additional reporting deficiencies related to other incidents of suspected resident abuse; insufficient staff training; substandard documentation by staff, which hindered reviews and investigations; and omissions in Veterans Health Administration and system abuse-related policies. 

The OIG made one recommendation to the Under Secretary for Health, who concurred in principle, and six recommendations to the System Director.
 

Our Objective(s)
To evaluate the Federal Aviation Administration's (FAA) (1) policies and procedures for the International Aviation Safety Assessment (IASA) program and (2) ability to monitor foreign civil aviation authorities (CAAs) for potential safety concerns.

Why This Audit
In 2022, FAA announced changes intended to better mitigate international civil aviation risks, strengthen international relationships with CAAs, and improve effectiveness in executing the IASA process. While the changes were suspended in 2024, a new set of revisions was proposed. It remains uncertain how the Agency's proposed changes will impact the program's ability to evaluate and monitor foreign CAAs' compliance with ICAO standards.

What We Found
The IASA program's execution is hindered by inadequate milestones, lack of documentation, and fluctuating policy and guidance.
FAA's assessment times have increased overall for higher-risk CAAs, and the Agency does not have completion goals for tracking assessments, which may prevent it from promptly addressing safety issues.
In 2022, FAA issued a policy statement intended to enhance the IASA program. However, the Agency suspended it in 2024, issued a new policy statement, and requested comments on the proposed changes. These comments have not yet been finalized as of April 2025.
FAA does not consistently maintain documentation for its assessments and some in-country evaluation checklists are outdated, causing disagreements between officials and delayed assessment times.

FAA monitors CAAs for safety concerns but competing priorities and limited resources restrict the number of IASA reassessments.
In 2023, FAA updated and improved its Risk Assessment Tool-originally developed in 2006-which the Agency uses to determine which CAAs should be reassessed.
FAA is not always able to conduct recommended CAA reassessments timely, and sometimes the Agency does not conduct these reassessments at all.

Recommendations
We made 7 recommendations to improve FAA's administration of the IASA program.

Our Objective(s)
To perform a quality control review (QCR) of Sikich's fiscal year 2025 audit of the effectiveness of the Department of Transportation's (DOT) information security program and practices.

Why This Audit
The Federal Information Security Modernization Act of 2014 requires agencies to develop, implement, and document agencywide information security programs and practices. The Act also requires inspectors general to conduct annual reviews to determine the effectiveness of their agencies' information security programs and report their review results to the Office of Management and Budget. To meet this requirement, we contracted with Sikich to conduct this audit subject to our oversight. We performed a QCR of Sikich's report and related documentation.

What We Found
The independent auditor, Sikich, found that DOT's information security program and practices were not effective and made seven recommendations to improve DOT's information security program.
Establish and implement guidance for performing Cybersecurity Framework 2.0 activities through policies and procedures, including the development of current and target cybersecurity profiles which consider anticipated changes in DOT's cybersecurity posture.
Define and implement policies and procedures that utilize standard data elements and taxonomy to develop and maintain an up-to-date inventory of all software assets and associated licenses, including Executive Order critical software.
Document policies and procedures for developing and maintaining a comprehensive and accurate inventory of data and the corresponding metadata for DOT's data types.
Create and maintain a comprehensive inventory of data and corresponding metadata.
Work with Federal Aviation Administration (FAA) Chief Information Officer (CIO) to secure a reliable funding stream for continuous vetting.
Work with FAA CIO to initiate and complete the background investigation of FAA employees in public trust positions.
Work with FAA CIO to enroll FAA employees into continuous vetting through Trusted Workforce.

Our QCR disclosed no instances in which Sikich did not comply, in all material respects, with generally accepted Government auditing standards.

Recommendations
DOT concurs with Sikich's seven recommendations.

Our objectives were to determine whether the Wisconsin Department of Public Instruction (Wisconsin) designed and implemented (1) application processes that adequately assessed nonpublic schools’ eligibility for Emergency Assistance to Nonpublic Schools (EANS)-funded services or assistance and complied with other applicable requirements, and (2) oversight processes to ensure that EANS-funded services or assistance were used for allowable purposes. Although we found Wisconsin’s processes to assess nonpublic schools’ eligibility for EANS-funded services and assistance ensured that funds were obligated within 6 months of receipt and that applications for the EANS programs were generally approved or denied timely in accordance with Federal regulations, we found that Wisconsin allocated ARP EANS funds to nonpublic schools that did not meet program eligibility requirements and did not verify some information that nonpublic schools provided in their applications for EANS funds. Additionally, Wisconsin’s oversight of its contractor’s administration of EANS expenditures and inventory processes could be improved. Specifically, Wisconsin did not effectively monitor its contractor to ensure that expenditures were properly accounted for, supporting documentation was maintained, and assets purchased with EANS funds were tracked. Further, Wisconsin’s processes did not ensure that fees charged to the nonpublic schools’ EANS funds were reasonable and appropriate. However, Wisconsin’s oversight was adequate to ensure that EANS-funded services and assistance were for allowable purposes.  Wisconsin’s improper approval of ineligible nonpublic schools’ applications resulted in providing over $20 million in ARP EANS-funded services and assistance to 184 nonpublic schools. Further, because Wisconsin did not verify certain information in nonpublic schools’ applications, it provided $838,829 for EANS-funded services and assistance to one ineligible school and did not have assurance that all schools that were approved to participate in the programs had a nonprofit status. We made seven recommendations to address the issues we identified in Wisconsin’s administration and oversight of its EANS programs.

The objective of our audit was to determine whether West Virginia Department of Education (WVDE) implemented selected components of its statewide accountability system in accordance with West Virginia’s approved Every Student Succeeds Act State plan and any approved amendments. The selected components were (1) indicators used to measure student academic achievement and school success, (2) annual meaningful differentiation, and (3) identification of schools needing additional support. We evaluated WVDE’s processes for implementing selected components of West Virginia’s statewide accountability system for school year 2021–2022.  We found that WVDE generally implemented selected components of the statewide accountability system in accordance with West Virginia’s State plan and amendments and WVDE’s policies and procedures and correctly allocated additional funding to local educational agencies (LEA) with schools identified in the fall of 2022 as needing additional support. However, WVDE incorrectly identified for additional support and improvement 12 schools that were not eligible for additional support services. Additionally, WVDE did not always keep records showing that it provided additional support services, such as planning and collaboration, diagnostic and monitoring activities, and technical assistance, to LEAs with schools identified as needing additional support. We made three recommendations to strengthen WVDE’s implementation of selected components of its statewide accountability system.

The objective of our audit was to determine whether Connecticut State Department of Education (CSDE) implemented selected components of its statewide accountability system in accordance with Connecticut’s approved Every Student Succeeds Act State plan and any approved amendments. The selected components were (1) indicators used to measure student academic achievement and school success, (2) annual meaningful differentiation, and (3) identification of schools needing additional support. We evaluated CSDE’s processes for implementing selected components of Connecticut’s statewide accountability system for school year 2021–2022. We found that CSDE implemented two (student academic achievement and school success indicators and annual meaningful differentiation) of the three selected components of the statewide accountability system and provided additional funding and support services to local educational agencies with identified schools in accordance with Connecticut’s approved State plan and CSDE’s policies and procedures. However, its implementation of certain aspects of the third selected component (identification of low-performing schools) of the accountability system deviated from the plan. As a result, CSDE did not identify all schools for comprehensive support and improvement that it should have identified in the fall of 2022. Additionally, CSDE did not always identify or correctly identify the student subgroups needing additional targeted support and improvement in accordance with Connecticut’s approved State plan, which it attributed to a system coding error for additional targeted support and improvement. We recommended that CSDE amend Connecticut’s State plan by updating its procedures for identifying schools for CSI to ensure they align with the procedures in CSDE’s “Using Accountability Results to Guide Improvement” and the definition of a school identified for CSI in the ESEA and provide support to the five Title I schools that should have been identified for CSI. We also recommend that the Department verify that CSDE implemented corrective actions to fix the system coding error to ensure that it correctly identifies student subgroups needing ATSI in the future.