An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
Department of the Interior
Investigation of Management Practices at FWS Region 5
In response to a letter requesting that the OIG review the Department's actions related to certain provisions of the gainful employment and borrower defense regulations, we provided our views on the regulations and how the Department's proposed changes to those regulations could affect the integrity and efficiency of the student financial aid programs.
Although the Department and FSA made progress in strengthening their information security programs, we found weaknesses in the Department’s and FSA’s information systems, and those systems continued to be vulnerable to security threats. As guided by the maturity model used in the FY 2017 IG FISMA Metrics, we found the Department and FSA were not effective in all five security functions—Identify, Protect, Detect, Respond, and Recover. We also identified findings in all seven metric domains: (1) Risk Management, (2) Configuration Management, (3) Identity and Access Management, (4) Security Training, (5) Information Security Continuous Monitoring, (6) Incident Response, and (7) Contingency Planning.
Prescriber identifiers are a valuable program integrity safeguard. They enable CMS and Part D plan sponsors to determine if legitimate practitioners have prescribed drugs for enrollees. Plan sponsors are required to include prescriber identifiers on the Part D prescription drug event (PDE) records they submit to CMS. The Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) requires that, beginning in 2016, pharmacy claims for covered Part D drugs must contain valid prescriber National Provider Identifiers (NPIs). Additionally, the law requires the Secretary of the Department of Health and Human Services to establish procedures for determining the validity of these prescriber NPIs. The law also requires OIG to submit to Congress a report on the effectiveness of these procedures no later than January 1, 2018. This evaluation report fulfills OIG's MACRA mandate.
FINANCIAL MANAGEMENT: Audit of the Department of the Treasury's Schedules of United States Gold Reserves Held by Federal Reserve Banks as of September 30, 2017 and 2016
The objective of this review was to perform an independent assessment of the Peace Corps’ information security program, including testing the effectiveness of security controls for a subset of systems as required, for FY 2017. Our results demonstrate that the Peace Corps lacks an effective information security program because of problems related to people, processes, technology, and culture. The Peace Corps needs to embrace a risk-based culture and place greater emphasis on the importance of a robust information security program by involving senior leadership, ensuring agency policies are comprehensive, and prioritizing the time and resources necessary to become fully compliant with Federal laws and eliminate weaknesses.
