Federal Reports

To comply with Section 508 of the Rehabilitation Act of 1973, VA must make the information and communication technology it uses accessible to veterans with disabilities and anyone else seeking VA information. The OIG conducted this audit to follow up on a 2024 report on areas where VA’s implementation and monitoring of Section 508 requirements could be improved and to evaluate whether the procurement process for information and communication technology meets Section 508 standards.

The OIG team sampled 30 critical information technology and communications systems for review. The team did not independently verify compliance with Section 508 standards and relied on self-reporting by VA to assess progress and deficiencies. Of the 30 systems, VA’s Office of 508 Compliance classified only four as compliant. The OIG concluded that VA officials did not ensure the sampled information technology systems they procured would meet the accessibility standards required by law. The team also reviewed contract documentation for the 30 systems and found contracting officers and the designated officials for VA program offices did market research on vendors that could meet business requirements, but they took no additional action to verify that sampled systems were accessible to individuals with disabilities.

The OIG made four recommendations, including that the assistant secretary for information and technology ensure staff receive training and updated guidance on their roles and responsibilities. VA should also ensure the Office of 508 Compliance receives complete market research showing the technology VA seeks to procure is the most compliant under Section 508. The OIG also recommended the deputy assistant secretary for acquisition and logistics develop policies for ensuring information and communications technology procurements comply with Section 508.

We rated the Department of Homeland Security’s information security program for fiscal year 2024 as “effective,” according to this year’s reporting instructions. We based this rating on our evaluation of the Department’s compliance with requirements of the Federal Information Security Modernization Act of 2014 for unclassified and national security systems. DHS received a maturity rating of “Level 5 – Optimized” in the Identify and Respond functions and received a maturity rating of “Level 4 – Managed and Measurable” in the Protect, Detect, and Recover functions based on this year’s reporting guidance

Our audit objective was to assess the U.S. Department of Commerce’s management and implementation of the Grants Enterprise Management System (GEMS) project. We found that bureaus have procured multiple systems to manage grants; bureaus did not follow Department information technology investment review and governance processes before contracting for alternative grants management systems; the GEMS project should improve its management of requirements, cost, and schedule; and the National Oceanic and Atmospheric Administration’s transition to GEMS provided lessons for future transitions.

Why We Did This Report

The U.S. Environmental Protection Agency Office of Inspector General initiated an evaluation of the risks to federal facility Superfund site remedies from sea-level rise or increased storm surge.

Summary of Findings

The OIG determined that 49 of the 157 federal facility Superfund sites on the National Priorities List are potentially at risk from sea-level rise or increased storm surge. Sea-level rise and increased storm surge at federal facility Superfund sites are of concern to the EPA because of the federal government’s role in overseeing cleanup at these sites and also because many of these sites are located near population centers and important ecological areas. Federal facility Superfund sites may be at risk if the cleanup remedies that have been implemented at those sites to keep people and the environment safe are susceptible to sea-level rise or increased storm surge.