An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
Environmental Protection Agency
Management Implication Report: Lack of Readily Accessible Small Business Innovation Research Data
We have identified a concern regarding the inability of both OIG and Agency personnel to extract EPA SBIR contract data—such as information about proposals, bids, awards, contractors, and subcontractors—from the EPA Acquisition System in meaningful ways to allow for oversight through data analytics, queries, and other proactive initiatives.
The EPA should review unliquidated obligations for programs that received a substantial increase through the IIJA to ensure that the funds are used for the intended programs or deobligated timely to fund other environmental projects, as appropriate.
Implementation Review of Corrective Action Plan PBS’s National Capital Region is Failing to Adequately Manage and Oversee the Building Services Contracts at the FDA’s White Oak Campus Report Number A190021/P/5/R21003 May 17, 2021
Evaluation of KDNA-FM, Northwest Communities’ Education Center, Compliance with Selected Communications Act and General Provisions Diversity and Transparency Requirements, Report No. ECR2301-2316
For this audit, our objective was to determine if the U.S. Department of Commerce and its bureaus identify and remediate vulnerabilities on their high value IT assets (HVAs) in accordance with federal requirements. We found that while the Department conducts HVA assessments in accordance with federal requirements, it did not always effectively identify and remediate vulnerabilities. It also did not follow best practice security guidance for HVAs. As a result, I. HVAs are operating with significant risk due to unresolved vulnerabilities; and II. OIG successfully exploited security weaknesses on multiple HVAs. All seven of the HVAs in our review had at least one exploitable vulnerability type, and the Department’s vulnerability scanners do not always identify vulnerabilities in HVAs. We also learned during our audit that the U.S. Patent and Trademark Office (USPTO) had asked the Department to downgrade all of its HVAs to non-HVAs. In September 2023, the Department’s Chief Information Officer agreed to downgrade the majority of USPTO’s HVAs.
COVID-19: ETA Needs a Plan to Reconcile and Return to the U.S. Treasury Nearly $5 Billion Unused by States for a Temporary Unemployment Insurance Program
The objective was to determine whether the Social Security Administration’s mobile phone security conformed with Federal standards and guidelines. Our audit report (A-14-19-50811) contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In accordance with government auditing standards, we have separately transmitted to SSA management our detailed findings and recommendations and excluded from this report certain sensitive information because of the potential damage if the information is misused. We have determined the omitted information neither distorts the audit results described in this summary report nor conceals improper or illegal practices.
