Federal Reports

The Office of the Inspector General (OIG) determined that U.S. Nuclear Regulatory Commission (NRC) information technology (IT) assets were not managed effectively throughout aspects of the IT lifecycle management process. The OIG substantiated four allegations, and found that some NRC assets were not returned upon employee separation from the NRC. Specifically, three employees separated from the NRC without returning four laptops. Additionally, NRC IT assets are not located in the locations that are shown in the configuration management database. The OIG found that 666 of 980 items were not in the locations assigned within the ITSM toolset. Further, new IT assets were not logged into the appropriate database for a period of 3 months. The OIG also found that NRC decommissioning procedures were not followed for IT assets.This report makes six recommendations to improve the NRC’s information technology asset management program.

Although Denali Commission's expenditures fall below the mandatory reporting threshold, even a small number of improper payments could negatively impact delivery of its mission. A risk assessment was undertaken and found no programs as susceptible to significant improper payments.

The NRC could improve its IT services and support through more consistent management with an emphasis on service level agreements (SLAs) and the closeout of IT-related contracts. Consistent with federal regulations and prudent business practices, contract requirements should be clearly defined, and the appropriate performance standards should be developed so the contractors’ performance can be measured. However, the NRC does not consistently use SLAs when awarding IT contracts because the agency has no specific guidance on how or when to use SLAs. As a result, the NRC may be limiting its ability to measure contractor performance and may not receive the services the agency requires or purchases. The NRC is required to close out contracts in an orderly and timely manner. However, the NRC is not always prompt in contract closeouts and in deobligating excess funds. This occurs because the NRC does not always prioritize contract closeouts and does not have a tracking method for contracts in the closeout process. This has led to a surplus of unliquidated obligations that could be put to better use. This report makes two recommendations to improve the NRC's management and closeout of IT contracts.

We reviewed mother/father and disabled widow(er) beneficiaries who were at, or beyond, full retirement age as of February 2024 to determine whether the Social Security Administration (SSA) had appropriately converted their benefit type to widow(er)s. We identified 757 widow(er)s who were not converted. As a result, SSA may be underpaying these beneficiaries.

An Amtrak Director based in Chicago, Illinois, was terminated from employment on July 3, 2024, following the issuance of our investigative report. Our investigation found that the employee, along with another former employee, violated company policies by surreptitiously transmitting confidential company information without authorization to do so. Specifically, the employee transmitted the information to a private rail advocacy organization, resulting in its publication in the press and jeopardizing the company’s relationship with its stakeholders.

U.S. Citizenship and Immigration Services (USCIS) did not adjudicate affirmative asylum applications in a timely manner to meet statutory timelines and to reduce its existing backlog. At the end of fiscal year 2023, USCIS had more than 1 million asylum cases pending determination. Of those, USCIS had more than 786,000 affirmative asylum cases pending determination for a period longer than 180 days from the date of filing. This occurred because USCIS did not have sufficient funding, staffing, and planning to complete its affirmative asylum caseload. USCIS received limited appropriated funding and primarily relied on application fees. However, in 2023, USCIS determined that its fee-funded revenue was not sufficient to support staffing needed to fully execute adjudication and naturalization services. This shortage forced USCIS to prioritize certain types of work over resolving its backlog of affirmative asylum cases and also resulted in USCIS setting performance goals at levels too low to timely adjudicate new claims within the statutory limits and address the existing affirmative asylum backlog.

What We Looked At The Department of Transportation’s (DOT) Office of the Secretary of Transportation (OST) provides technical and administrative services, including information technology (IT) services, to DOT components through the Working Capital Fund (WCF). The Office of the Chief Information Officer (OCIO) and the Office of Financial Management (OFM) administer the WCF, which is designed to be self-sustaining and to achieve full cost recovery. Our prior audit work identified inconsistencies in OCIO’s WCF billing procedures. Given those findings and that DOT’s fiscal year 2023 budget estimates represented significant estimated expenditures—$271.4 million for IT services—we initiated this audit. Our objective was to assess whether OCIO’s WCF billing-rate methodologies for IT services achieve cost recovery, to include evaluating how OFM determines the operating and capital reserves and assesses whether excess funds or advances exist in the WCF. What We Found DOT lacks effective controls and processes to determine whether its WCF billing-rate methodologies achieve cost recovery for IT services. Specifically, OCIO could not provide sufficient documentation for the billing rates to validate 26 of the 36 transactions in our sample. Without adequate documentation, we cannot confirm if OCIO’s rates recover the costs to provide these services, totaling over $194 million. We also identified internal control weaknesses that hinder OCIO’s ability to confirm cost recovery, including inadequate oversight to validate charges, inaccurate accounting of IT services, and noncompliant agreements between OCIO and WCF customers. OFM also lacks written policies and procedures to demonstrate how it governs reserves, identifies surplus advances and excess funds, and evaluates if the WCF is breaking even. As a result, we cannot determine if the WCF is appropriately managed or achieves cost recovery.  Our Recommendations We made nine recommendations to improve the WCF’s ability to achieve cost recovery for IT services. OST concurs with recommendation 1–3, 6, and 8–9, which we consider resolved but open pending completion of planned actions. OST partially concurs with recommendations 4 and 5, and non-concurs with recommendation 7. We consider 4 and 7 open and unresolved and 5 resolved and closed.