An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
AmeriCorps
Audit of AmeriCorps' FY2025 Trust Financial Statements
The National Service Trust holds the funds set aside to pay the education awards of national service members who successfully complete their service terms. Responsibility for the education awards that have been earned or will be earned in the near future is the largest liability on AmeriCorps’ financial statements at $278 million.
AmeriCorps has been unable to produce auditable financial statements for the last nine years. This year, independent auditors issued another disclaimer of opinion, reporting five material weaknesses and one significant deficiency and added two new recommendations. The auditors, however, verified that AmeriCorps took appropriate actions to close 4 of the 32 prior year recommendations. As a result of this audit, there are now 30 open recommendations.
Independent Auditors’ Performance Audit Report on the U.S. Department of the Interior’s Compliance With the Federal Information Security Modernization Act for Fiscal Year 2025
The Office of Inspector General engaged the independent public accounting firm Harper, Rains, Knight, & Company, P.A. (HRK) to conduct the annual Federal Information Security Modernization Act (FISMA) evaluation and complete the FY 2025 Inspector General (IG) FISMA Reporting Metrics.
The objective of the evaluation was to assess the effectiveness of the Commission's information security program and practices for FY 2025. HRK determined the Commission’s maturity levels were consistently implemented and its information security program and practices were effective.
HRK identified one new finding with three corresponding recommendations.
The following is the U.S. Department of Housing and Urban Development (HUD), Office of Inspector General’s (OIG) Annual Work Plan (AWP) for Fiscal Year (FY) 2026. The OIG conducts audits and evaluations to prevent and detect fraud and abuse and promote the economy, efficiency, and effectiveness of HUD’s programs and operations.
The AWP highlights audits and evaluations the OIG will initiate in FY 2026, as well as ongoing projects that continue from prior years. All of the projects span HUD programs and operations and take into account HUD’s Top Management and Performance Challenges we identified through our past oversight work, HUD’s priorities as described in its Annual Performance Plan for FY 2026, and recommendations for action we issued to HUD that remain open. The projects also encompass mandatory audits and evaluations required by laws or regulations.
We organized the AWP by focus areas that correspond to the challenges described in our Top Management and Performance Challenges Report. These focus areas are:
• Improving Business Operations: Modernizing IT Systems and Streamlining Procurement
• Protecting Taxpayer Funds from Fraud, Waste, and Abuse
• Modernizing the Management of Grant Funds
• Ensuring the Availability of and Access to Affordable and Quality Housing
We are committed to providing objective oversight to protect taxpayer funds from fraud and waste and to improve the efficiency and effectiveness of HUD’s programs and operations. As with any plan, the AWP is subject to periodic review and revision to address emerging programmatic issues, priorities, and resource changes and to respond to HUD requests or legislative mandates. One area of developing oversight is the OIG’s work in support of safer homes and communities as mandated by the President’s Executive Orders and Presidential Memoranda.
The VA OIG conducts information security inspections to assess whether VA facilities meet federal security requirements. The OIG followed up on an inspection it conducted at the VA Beckley Healthcare System in West Virginia in 2023. During this follow-up inspection, the OIG identified substantial progress in addressing prior recommendations, and some continued deficiencies in configuration management, security management, and access controls.
For configuration management, the team identified one deficiency over vulnerability remediation: the healthcare system did not meet required timelines for addressing critical vulnerabilities and lacked necessary remediation plans, leaving outdated software on numerous systems. Additionally, the OIG identified several unique high and critical vulnerabilities within the network that were not reflected in the agency’s standard vulnerability reports.
The healthcare system had deficiencies in three security management controls: a special-purpose system lacked authorization to operate; a special-purpose system had inappropriate security categorizations; and staff had administrative access and a lack of separation of duties for managing a pharmacy inventory system.
Finally, the healthcare system had deficiencies in physical controls restricting access to computer rooms, although the facility was addressing these deficiencies. The team also found that the facility was not monitoring the destruction of temporary records as required.
The OIG made three recommendations to the assistant secretary of information and technology, who also serves as the chief information officer, and two recommendations to the Beckley VA Medical Center director. VA concurred with four recommendations and did not concur with one. Nevertheless, the OIG noted VA provided sufficient evidence of implementation for four of the recommendations (including the one VA did not concur with) and considers those recommendations closed. The OIG will monitor implementation of the remaining recommendation.