Federal Reports

For nearly 25 years, astronauts have continuously lived and worked onboard the International Space Station. As the Station ages, NASA will be challenged to ensure the safety of astronauts aboard and to sustain continuous operations, which includes conducting science and research and maintaining the ISS. At the same time, the Agency will need to develop capabilities to safely deorbit the ISS. In this audit, we examined NASA’s management of risks to sustaining ISS operations through 2030, ensuring crew and operational safety and conducting a safe, controlled deorbit in 2031.

The AmeriCorps Office of Inspector General (OIG) has identified concerns regarding the award, management, and oversight of a contract for AmeriCorps’ new grants management system. Specifically, this alert identifies several factors contributing to cost overruns that will likely exceed $9 million—more than double the amount of the original contract—including the choice of a firm-fixed price contract for a project with uncertain requirements, a lack of technical expert involvement in contract oversight, and the descoping of contract tasks to accommodate cost overruns. While the OIG has not yet undertaken a full review of the allegations received, information collected to date warrants alerting AmeriCorps leadership of these concerns so that management has timely information to mitigate these risks in its ongoing management of this and other major contracts. AmeriCorps oversees many contracts, including other contracts related to IT modernization. As set forth below, AmeriCorps OIG suggests specific steps that AmeriCorps take to improve its contract management practices and avoid wasteful contract overruns.

The VA Office of Inspector General’s (OIG’s) Mental Health Inspection Program (MHIP) evaluates Veterans Health Administration’s (VHA’s) continuum of mental healthcare services. This inspection focused on the inpatient care delivered at the VA Augusta Health Care System (HCS) in Georgia. Augusta HCS met some VHA requirements for inpatient mental health units, such as the presence of a mental health executive council, completion of twice-yearly environment of care inspections, and a plan for continued transformation to recovery-oriented services. A review of electronic health records indicated veterans and the interdisciplinary treatment team were involved in treatment planning, and most veterans had documented safety plans. However, some records did not include evidence of timely suicide risk screening. Discharge instructions were typically difficult to understand and lacked important details for appointment follow-up and medication management.The OIG was concerned about access to inpatient mental health care. Specifically, the high volume of community referrals contrasted with Augusta HCS’s low bed utilization. The OIG identified communication gaps between Augusta HCS and mental health leaders regarding the explanations for beds being out of service, causes of low bed utilization, and process improvement efforts to address these concerns.The inpatient unit’s physical environment incorporated natural sunlight in some common areas, but needed cosmetic improvements in sleeping areas and contained toilets with ligature points that posed a safety risk. Additionally, many inpatient unit staff did not have evidence of completed trainings on environment of care inspection requirements or suicide prevention strategies. As a result of its findings, the OIG issued 21 recommendations to Augusta HCS and Veterans Integrated Service Network leaders. These recommendations, once addressed, may improve the quality and delivery of veteran-centered, recovery-oriented care on the inpatient mental health unit and beyond.

In January 2023, the VA Office of Inspector General (OIG) received a hotline allegation that Network Contracting Office (NCO) 12 participated in unethical sole-source contracting practices while procuring cardiothoracic services contracts at the Captain James A. Lovell Federal Health Care Center in North Chicago, Illinois, with a nonaffiliate contractor. The OIG referred the complaint to Regional Procurement Office (RPO) Central, the responsible VA office. RPO Central in March 2023 asked the Medical Sharing Office/Affiliate National Program Office (MSO) to determine whether contract reviews were circumvented. One month later, the MSO completed its investigation and found contracting officers made decisions that indicated a preference to avoid review processes and not maximize competition. Contracting officers also did not publicly post sole-source acquisition justifications as required. NCO 12 disagreed with the MSO’s findings.The OIG reviewed whether NCO 12 participated in improper sole-source procurement and to determine whether the results of the MSO investigation were resolved. The OIG substantiated that NCO 12 avoided the MSO review process by regularly awarding short-term contracts since 2012 to avoid a lapse in service. Although NCO 12 did not violate VHA policy, the OIG found that contracting officials were not effective at ensuring their strategies for acquiring cardiothoracic services at Lovell were in the best interest of the government and in keeping with the latest VA clinical care standards.Because RPO Central has not resolved the issues MSO identified, it did not comply with the requirement to maintain effective internal controls intended to support efficient operations. Unless RPO Central directs NCO 12 to submit contracts for MSO review, these practices may continue.The OIG made four recommendations to correct the deficiencies identified and ensure the best interests of the government is served in contracting for cardiothoracic services at Lovell.

The Cybersecurity and Infrastructure Security Agency (CISA) addressed the basic information-sharing requirements of the Cybersecurity Act of 2015. In calendar years 2021 and 2022, CISA updated its guidance, properly classified cyber threat indicators (CTI) and defensive measures, and accurately accounted for security clearances to address the basic information-sharing requirements of the Act. In March 2022, CISA completed upgrades to its Automated Indicator Sharing (AIS) 2.0 capability to address information-sharing limitations.

U.S. Immigration and Customs Enforcement (ICE) did not effectively manage and secure its mobile devices or the infrastructure supporting the devices. Specifically, ICE did not implement security settings required to protect its mobile devices and did not mitigate vulnerabilities from applications installed on these devices. In addition, ICE did not use its Mobile Device Management software and other threat defense tools to fully manage and secure some mobile devices and did not address vulnerabilities within the Mobile Device Management software and the servers supporting it. Further, ICE did not implement increased monitoring and protection for devices used outside the United States, which were at a higher risk of cyberattacks. Finally, ICE did not always perform required steps to reduce risks associated with disposal, loss, or theft of its mobile devices.

We performed this review to determine whether the Lower Kuskokwim School District expended Elementary and Secondary School Emergency Relief (ESSER) grant funds for allowable purposes in accordance with applicable requirements. We determined that all the ESSER expenditures we reviewed for Lower Kuskokwim were allowable and in accordance with applicable requirements. We also found that Lower Kuskokwim complied with key Federal procurement requirements, including those covering the procurement methods to be followed and contract cost, price, and provisions, when procuring the goods or services associated with each ESSER expenditure we reviewed. Because we identified no exceptions, our report does not include recommendations. However, our results are limited to the ESSER expenditures we reviewed, and it is critical that any remaining ESSER funds continue to be used appropriately.

The objective of our audit was to determine whether the Oregon Department of Education (ODE) implemented selected components of its statewide accountability system in the fall of 2022 based on data for school year 2021–2022. We found that ODE implemented the indicators used to measure student academic achievement and school success, applied a system of annual meaningful differentiation, and identified public schools as needing additional support and improvement in the fall of 2022 in accordance with Oregon’s approved State plan and amendment and ODE’s policies and procedures. We also found that ODE allocated additional funding to local educational agencies (LEAs) with schools identified in the fall of 2022 as needing additional support based on data for school year 2021. Although ODE implemented the selected components of the statewide accountability system in accordance with Oregon’s State plan, it did not identify one school that should have been identified for additional support and. Additionally, ODE did not provide additional funding to one LEA with three schools that it identified as needing additional support. Finally, ODE did not keep records showing how it calculated the amount of Title I funds reserved under section 1003 of the Elementary and Secondary Education Act that each LEA should receive or records showing that it provided additional support services, such as ongoing professional learning and networking, technical assistance, and coaching, to LEAs with schools that it identified as needing improvement. We recommend that the U.S. Department of Education verify that ODE provided additional funding, support services, or both, to the LEAs that should have received them; designed and implemented policies and procedures for calculating the amount of reserved Title I funds to allocate to LEAs with schools identified as needing additional support; and is keeping records showing how it is calculating the amount of funds provided to each LEA and showing that it is delivering the additional support services that it promised the LEAs and schools.