Federal Reports

This report presents the results of our independent performance audit of the U.S. EqualEmployment Opportunity Commission’s (EEOC) information security program and practices inaccordance with the Federal Information Security Modernization Act of 2014 (FISMA). FISMArequires Federal agencies, including EEOC, to have an annual independent evaluation performedof their information security programs and practices to determine the effectiveness of suchprograms and practices, and to report the results of the evaluation to the Office of Managementand Budget (OMB) and the Department of Homeland Security (DHS). The EEOC Office ofInspector General (OIG) contracted with Harper, Rains, Knight & Company, PA (HRK) to conducta performance audit of EEOC’s information security program and practices for Fiscal Year (FY)2023.

What We Looked AtTo prevent Government agencies from making improper payments, the Do Not Pay (DNP) Initiative (the Initiative) requires the agencies to verify recipients’ eligibility to receive payments in the U.S. Department of the Treasury’s (Treasury) Working System databases before the release of Federal funds. The Initiative is authorized and governed by the Payment Integrity Information Act (PIIA) of 2019 and an Office of Management and Budget (OMB) memorandum. As part of the Initiative, the Treasury’s Bureau of the Fiscal Service (BFS) developed the DNP Business Center, which provides agencies with a variety of ways to review recipients’ eligibility in the databases prior to award and payment. In fiscal year 2021, the Department of Transportation (DOT) made approximately $96 billion in payments to grant recipients, State and local governments, businesses, and individuals in support of DOT’s mission. While we have annually audited DOT’s compliance with PIIA, we have not assessed the Department’s compliance with the Initiative. Therefore, we initiated this audit to assess the Department’s internal controls for assuring compliance with the Initiative. What We FoundWe identified two internal control weaknesses that result in DOT’s lack of compliance with the Initiative. First, the Department lacks policies and procedures to ensure ineligible recipients do not receive payments. Also, DOT is not using the DNP portal for pre-payment checks as OMB guidance and PIIA require. Our RecommendationsWe made two recommendations to help strengthen the Department’s internal controls to comply with the Initiative. OST concurred with our recommendations. We consider the recommendations resolved but open pending completion of planned corrective actions.

The Annual Plan provides the audit and investigative strategies and associated summaries of the specific work planned for the coming year.In addition, it sets forth the OIG’s formal process for identifying priority issues and managing its workload and resources for FY 2024. Since 2014, the NRC OIG has also been assigned to serve as the OIG for the Defense Nuclear Facilities Safety Board. A separate document contains the OIG’s Annual Plan for our work pertaining to that agency.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

Independent auditors have declined to issue an opinion on AmeriCorps’ financial statements for the seventh year. They issued a disclaimer of opinion reporting 12 material weaknesses and two significant deficiencies. Eleven of the material weaknesses are recurring, four of them since FY 2017, six since FY 2018, and one since FY 2021. AmeriCorps included in its Annual Management Report a Statement of No Assurance, acknowledging that its system of internal controls does not currently provide the necessary level of assurance in any of the three required areas, internal control over operations, reporting, and compliance with laws. This is the fourth year that AmeriCorps has issued a No Assurance statement. Despite developing corrective action plans to address prior years of findings and recommendations, the auditors verified that AmeriCorps took appropriate actions to close seven of the 81 prior year recommendations. The remaining 74 recommendations continue to be valid, five of them in modified form. The auditors also made 21 new recommendations, for a total of 95.AmeriCorps acknowledged the disclaimer of opinion and expressed concurrence to three material weaknesses and two significant deficiencies. However, AmeriCorps did not concur with nine material weaknesses. AmeriCorps did not specify which material weaknesses they were in agreement or disagreement. The Chief Financial Officer stated:While much work remains ahead, and we expected this year’s audit report to read like last year’s, we are focusing our efforts on remediating long-standing issues. AmeriCorps is making significant improvements that strengthen the agency and ensure the effective stewardship of federal resources dedicated to national and community service. Audit Report, p. 46.The independent accounting firm RMA Associates LLC performed the audit of the AmeriCorps FY 2023 consolidated financial statements, under contract with AmeriCorps-OIG.