Federal Reports

The Cybersecurity and Infrastructure Security Agency (CISA) has improved coordination efforts to secure the Nation’s systems used for voting, but should take additional steps to protect the broader election infrastructure, which includes polling and voting locations and related storage facilities, among other things. For example, CISA has developed or updated a set of plans and guidance aimed at securing election systems for the 2020 election cycle. However, these documents do not sufficiently factor in risks associated with physical security, terrorism threats, and targeted violence to the election infrastructure. CISA can also improve the quality of information shared, as well as the timeliness of its assistance to election stakeholders. With the 2020 elections at hand and increased potential for revised election processes due to the COVID 19 pandemic, it is critical that CISA institute a well-coordinated approach and provide the guidance and assistance necessary to secure the Nation’s election infrastructure. We made three recommendations to CISA to address the deficiencies we identified. CISA concurred with all three recommendations.

We audited TVA’s onboarding actions completed for all active IT contractors as of March 26, 2020, including background investigations and cybersecurity awareness training requirements to determine if IT contractors are granted logical access in accordance with TVA policy. TVA Information Technology and TVA Police require contractors have various levels of background investigations completed for logical access to different classifications of information. We found that (1) TVA policy does not align between business units, (2) the majority of Tier 1 IT contractor suitability background investigations were not in accordance with TVA policy, and (3) the majority of IT contractor higher level background investigations were not in accordance with TVA policy. TVA management agreed with the recommendations.

Our objective was to assess whether the Postal Service is effectively achieving EPS program objectives, controlling program costs, and accurately attributing costs to products. We began fieldwork before the President of the U.S. issued the national emergency declaration concerning the novel coronavirus disease (COVID-19) outbreak on March 13, 2020. The results of this audit do not reflect any management process changes related to the expedited packaging supplies program that may have occurred as a result of the pandemic.

Our objective was to determine whether the Social Security Administration (SSA) had taken appropriate actions for disabled beneficiaries whose benefits it suspended for address development, whereabouts unknown, or miscellaneous reasons.

This audit is part of a series of hospital compliance audits. Using computer matching, data mining, and other data analysis techniques, we identified hospital claims that were at risk for noncompliance with Medicare billing requirements. For calendar year (CY) 2017, Medicare paid hospitals $206 billion, which represents 55 percent of all fee-for-service payments; accordingly, it is important to ensure that hospital payments comply with requirements.

For a covered outpatient drug to be eligible for Federal reimbursement under the Medicaid program's drug rebate requirements, manufacturers must pay rebates to the States for the drugs. Previous OIG audits found that States did not always bill and collect all rebates due for drugs administered by physicians to enrollees of Medicaid managed-care organizations (MCOs).Our objective was to determine whether Minnesota complied with Federal Medicaid requirements for billing manufacturers for rebates for drugs dispensed to MCO enrollees.