The Office of the Inspector General reviewed the IT controls for granting and monitoring non-nuclear contractor access to TVA Assets, including general network access. The OIG found TVA's controls over processes for managing and tracking non-Nuclear contractor logical and physical access need to be strengthened to reduce the risk of loss or compromise of sensitive TVA data and physical assets. Specifically, the OIG found:Three enterprise risks identified by TVA's Enterprise Risk Council could be impacted by weak controls over contractor access identified in this report.The current maturity of TVA's contractor management process is relatively low.Certain contractors had access to sensitive TVA assets without proper background investigation and clearance.TVA's system for assigning physical access to TVA facilities does not clearly identify facilities for which special clearance is needed.TVA does not have a process to require complete and accurate entry for all non-nuclear contractors into the Human Resource Information System.The IT Customer Center does not ensure Virtual Private Network tokens used by contractors are returned when the contractor leaves TVA employment. Summary Only
| Report Date | Agency Reviewed / Investigated | Report Title | Type | Location | |
|---|---|---|---|---|---|
| Tennessee Valley Authority | Review of Physical and Logical Access for Contractors | Audit | Agency-Wide | View Report | |
| Federal Deposit Insurance Corporation | Evaluation of the FDIC's Economic Analysis of Three Rulemakings to Implement Provisions of the Dodd-Frank Act | Inspection / Evaluation | Agency-Wide | View Report | |
| Appalachian Regional Commission | Compliance Audit of KY Highlands Investment Corporation | Audit |
|
View Report | |
| Department of Justice | Audit of the Use of Equitable Sharing Revenues by the Cleveland Police Department, Cleveland, Ohio | Audit |
|
View Report | |
| Federal Labor Relations Authority | Peer Review of FLRA OIG | Peer Review of OIG | Agency-Wide | View Report | |
| National Aeronautics and Space Administration | NASA's Management of the Mars Science Laboratory Project | Audit |
|
View Report | |
| Office of Personnel Management | Audit on Global Coordination of Benefits For Bluecross and Blueshield Plans 1A-99-00-10-055 | Audit | Agency-Wide | View Report | |
| Office of Personnel Management | Audit of the Federal Employees Health Benefits Program Operations at PacifiCare of Nevada | Audit | Agency-Wide | View Report | |
| Department of Justice | Audit of the Office of Juvenile Justice and Delinquency Prevention Awards to the Best Friends Foundation, Washington, District of Columbia (Redacted Version) | Audit |
|
View Report | |
| AmeriCorps | Agreed-Upon Procedures for Corporation for National & Community Service Grants Awarded to Commonwealth of Northern Mariana Islands Public School System | Audit | Agency-Wide | View Report | |
