An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
As part of our annual audit plan, the OIG audited costs billed to the Tennessee Valley Authority (TVA) by CSX Transportation, Inc. (CSXT) for the transportation of coal from various coal mines and blending facilities to the Bull Run Fossil Plant (BRF) under contract numbers 65133, 14474, 86072, 85702, and 85770. Our audit included approximately $41.5 million in costs CSXT billed to TVA from October 1, 2014, to March 31, 2016, under these five contracts. Our objective was to determine if the costs billed to TVA by CSXT were in compliance with the contracts' terms and conditions. In summary, we determined CSXT overbilled TVA $8,045,846 for costs billed under contract numbers 65133 and 85702. The overbilling included (1) $8,040,045 for overstated adjustments of per-ton rates under contract number 65133 dating back to January1, 2007, and (2) $5,801 for overstated fuel price adjustments under contract number 85702.(Summary Only)
The OIG audited TVA's compliance with the North American Electric Reliability Corporation's (NERC) Critical Infrastructure Protection (CIP) standards for logical and physical access for systems and locations that are considered high risk assets under NERC CIP standards. We found TVA was within the NERC CIP compliance standards for logical and physical access to high risk systems and locations with minor exceptions that were addressed during the audit. In addition, during our testing, we noted discrepancies between initial clearance dates in the hard copy and electronic records that were addressed during the audit.(Summary Only)
Independent Accountant’s Report on the Application of Agreed-Upon Procedures: Employee Benefits, Withholdings, Contributions, and Supplemental Semiannual Headcount Reporting Submitted to the Office of Personnel Management
Public Summary Report: The State of Colorado Did Not Meet Federal Information System Security Requirements for Safeguarding Its Medicaid Systems and Data
The Colorado Department of Health Care Policy and Financing (HCPF) had not implemented adequate information system general controls over the Colorado Medicaid eligibility determination and claims processing systems to fully comply with Federal requirements. The vulnerabilities that we identified increased the risk to the confidentiality, integrity, and availability of Colorado's Medicaid data. In evaluating HCPF's risk assessment, database security, Web site security, and universal serial bus (USB) device security for its Medicaid eligibility determination and claims processing information systems, we identified vulnerabilities related to inadequate risk assessment policies and procedures, improper administration of the Medicaid claims database, inadequate security of Medicaid databases, inadequate Web site security, and improper management of USB ports and devices.
