Federal Reports

Between March and August 2016, VA’s Technology Acquisition Center (TAC) awarded the Transformation Twenty-One Total Technology Next Generation multiple award contract to 28 contractors for information technology services. The contract has a total maximum value of $22.3 billion. The VA Office of Inspector General (OIG) conducted this audit to determine whether task orders issued under the contract were administered according to federal and VA acquisition regulations, as well as VA national and local policies and procedures. The OIG also examined whether the TAC performed task order award and modification procedures according to applicable regulations and policy and took actions that reasonably ensured contractors could successfully complete contract requirements. While the OIG identified no violations of federal and VA acquisition regulations, the audit team found oversight weaknesses that, if not corrected, could increase the likelihood of VA conducting business with contractors unable to provide services according to contract requirements. These weaknesses place information technology systems and hundreds of millions of taxpayer dollars at unnecessary risk and potentially harm VA’s ability to fulfill its mission to care for veterans. The OIG made recommendations to address identified deficiencies with improved procedures that program office contracting officer’s representatives and TAC contracting officers should perform. These include determining the method and level of detail required for contracting officer’s representatives to document their review of the acceptability of deliverables and procedures that will provide contracting officers the assurance this review was adequately completed. The OIG also recommended timeliness requirements for submitting performance assessments. Finally, the OIG recommended implementing procedures to monitor contracting officers’ actions through compliance reviews; assessing the risk related to removing certain past performance assessments from procedures; and defining actions to take when higher-risk financial stability risk scores are identified.

Our audit objective was to determine whether the U.S. Patent and Trademark Office has adequately managed its Active Directory to protect mission critical systems and data. Our review focused on fundamental security practices of Active Directory management and security control implementations of the servers hosting Active Directory .

Three-dimensional conformal radiation therapy (3D-CRT) allows doctors to sculpt radiation beams to the shape of a patient's tumor. Medicare makes a single payment to hospitals for development of a 3D-CRT treatment plan. Automated prepayment edits generally prevent additional payments for separately billed radiation planning services if they are billed on the same date of service as the 3D-CRT treatment plan. However, Medicare billing requirements do not prohibit and system edits do not prevent additional payments if the services are billed on a different date of service (e.g., 1 to 14 days before).

To see our report, click on the link below

We evaluated the process TVA uses to verify the accuracy of payments made to the Department of Labor (DOL) for workers compensation benefits. We determined TVA did not have a formal process to verify the accuracy of payments made for schedule awards. Although TVA’s Sarbanes-Oxley Act (SOX) controls verified certain aspects of the DOL billings, the SOX controls did not include steps to verify the accuracy of the elements in award of compensation letters and, as a result, some errors were not identified. Additionally, we found TVA was not performing a SOX control related to providing a summary of workers' compensation charges to the applicable organizations for review.