Federal Reports

This report highlights OIG’s work from October 1, 2025, to March 31, 2026, including the closure of 10 significant recommendations.

EAC OIG performed this review to determine whether the EAC complied with the Payment Integrity Information Act of 2019 reporting requirements for fiscal year 2025.

Elevated privileges grant users broad authority to modify configurations, access sensitive data, and control critical system functions of NASA information systems. IT privileges can pose security risks if not properly controlled. In the two elevated privileges accounts that we reviewed, we determined the Agency is effectively managing which users get administrative rights to NASA-provided computers.

This audit, performed by KPMG LLP (KPMG) on behalf of the Department of Energy Office of Inspector General (OIG), examined the Department’s cybersecurity and information technology (IT) governance program.

The audit’s objective was to determine whether the Department developed and implemented a governance structure over its cybersecurity and IT activities.

In contracting with an independent audit firm and drawing from the results of the audit, auditing standards require the OIG to review the work performed. Accordingly, the OIG oversaw the audit and reviewed the results. Our review disclosed no instances where KPMG did not comply, in all material respects, with generally accepted government auditing standards.

KPMG identified eight areas for improvement to the Department’s cybersecurity and IT governance program. Specifically, KPMG identified findings related to areas such as outdated contracts, policies, and/or requirements to include standard terms and conditions for prime and subcontractors. In addition, the Department had not fully implemented an enterprise data strategy, risk monitoring program, or comprehensive enterprise information system inventory to include those with personally identifiable information. Further, improvements were needed for ensuring compliance with Federal requirements, developing a comprehensive workforce assessment, and verifying the completeness and accuracy over various requests for data from Department elements.

KPMG made 11 recommendations to the Department to address the report’s 8 areas for improvement. These areas include enterprise-level approaches for ensuring the most recent Federal cybersecurity and IT governance requirements are more timely implemented and contractually required, enterprise-level areas, such as a data strategy, risk monitoring, and systems inventories, are either formalized and/or completed, and data call information is verified for completeness and accuracy.

The Department concurred with each of the 11 recommendations and planned to take corrective actions.

The Office of Inspector General is tasked with ensuring efficiency, accountability, and integrity in the U.S. Postal Service and its regulator, the Postal Regulatory Commission (PRC). We also have the distinct mission of helping to maintain confidence in the mail and postal system, as well as to improve USPS's bottom line. We use audits and investigations to help protect the integrity of the Postal Service and the PRC. Our Semiannual Report to Congress presents a snapshot of the work we did to fulfill our mission for the six-month period ending March 31, 2026. Our dynamic report format provides readers with easy access to facts and information, as well as succinct summaries of the work by area. Links are provided to the full reports featured in this report, as well as to the appendices.