Federal Reports

We audited selected controls of the GrantSolutions and OneStream applications as part of the internal control assessments required for the fiscal year 2018 financial statement audit under the Chief Financial Officer’s Act of 1990. Our objective was to review the controls for compliance with U.S. Department of Housing and Urban Development information technology policies and Federal information system security and financial management requirements. The OIG has determined that the contents of this audit report would not be appropriate for public disclosure and has therefore limited its distribution to those officials listed on the report distribution list.

As part of our annual audit plan, we audited the tool controls at Sequoyah Nuclear Plant (SQN). Our audit objective was to determine if SQN is in compliance with the Tennessee Valley Authority’s (TVA) Nuclear Power Group Business Practice 226 (BP-226), Tool and Equipment Accountability. In summary, we determined SQN is not in compliance with BP-226. Specifically, we found (1) issues and returns of tools and equipment are not made in TVA’s Tool Management System, and periodic random inventories are not performed; (2) tool room access is not adequately controlled; and (3) a new tool tracking system TVA is planning to use cannot accommodate rigging requirements. TVA management agreed with our findings and recommendations.

Fiscal Year 2018 Risk Assessment of the FTC's Charge Card Program

We determined that Border Patrol lacks the data and procedures needed to determine whether it is meeting workload requirements related to investigative and law enforcement activities. Although directed by Congress in 2011, neither U.S. Border Protection (CBP) nor Border Patrol has completed or submitted a satisfactory workforce staffing model as required. Additionally, Border Patrol officials do not consistently schedule agents’ work duties or accurately document actual work hours and duties completed. In fiscal year 2017, Border Patrol agents received approximately $55.2 million for 1.3 million hours of work that had no supporting documentation to show they were working as needed to fulfill mission requirements. We recommended that CBP and Border Patrol expedite development and implementation of a workforce staffing model and that Border Patrol develop and implement procedures, training, and internal controls for the Border Patrol Enforcement Tracking System. CBP and Border Patrol concurred with both our recommendations.

We conducted a limited scope audit of Mid-America Arts Alliance (M-AAA) for the period of July 1, 2015 to June 30, 2018. Limited scope audits involve a limited review of financial and nonfinancial information to ensure validity and accuracy of award recipients’ reported information, and compliance with state and Federal requirements. Our limited scope audit concluded that M-AAA generally complied with the financial management system and recordkeeping requirements established by OMB and NEA. However, we identified some areas requiring improvement to ensure that M-AAA complies with OMB and NEA award requirements. The following are specific deficiencies requiring corrective action:M-AAA did not report actual costs on its Federal Financial Report for NEA Award Nos. 14-6100-2002 and 15-6100-2058; M-AAA reported unsupported costs in its total outlays for NEA Award Nos. 14-6100-2002, 15-6100-2058, and 17-6100-7006; M-AAA did not have written policies and procedures for the management of Federal awards; M-AAA did not have written policies and procedures in place to ensure that contractors or recipients were not debarred or suspended from receiving Federal assistance prior to the award or payment of Federal funds; M-AAA did not have record retention policies and procedures that meet Federal award requirements; and M-AAA did not have written policies and procedures for subrecipient monitoring.

We determined that the Department has taken some steps to mitigate risks to the Nation’s election infrastructure; however, improved planning, more staff, and clearer guidance could facilitate its coordination with states. Specifically, despite Federal requirement, DHS has not completed the plans and strategies critical to identify emerging threats and mitigation activities, and establishing metrics to measure progress in security the election infrastructure. Further, DHS provides assistance to state and local election officials upon request. Over time, the assistance provided has increased and the quality of information shared has improved. However, staff shortage, lengthy security clearance process, and state and local officials; historic mistrust of the Federal government assistance restrict DHS’ efforts to provide services and assessments needed to secure the election infrastructure. Addressing these issues is essential for continued improvement in the services. We made five recommendations to CISA to enhance the overall effectiveness of DHS’ assistance to secure the election infrastructure, including providing sufficient resources to ensure an organized strategy, improved services and assessments, expanded outreach and information sharing. CISA concurred with all five recommendations.