An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
As part of our annual audit plan, we performed an audit of physical access to Tennessee Valley Authority’s (TVA) substations. Our audit objective was to determine if substations had appropriate physical access controls. Our scope included substations that contain devices with TVA network connectivity.We found substations had overall appropriate physical access controls. However, we identified control weaknesses in TVA’s annual access review process and management of one of the physical access controls. Additionally, we determined TVA’s Standard Programs and Processes should be revised to define requirements for physical access reviews.
Financial Audit of the Dry Corridor Activity in Honduras, Managed by the Millennium Challenge Account, Grant Agreement 522-0502, January 1 to December 31, 2021
DOJ Press Release: Prince George’s County Man Pleads Guilty To A Federal Wire Fraud Conspiracy To Obtain Over $1 Million In Covid-19 Cares Act Loans And Unemployment Insurance Benefits
The Federal Emergency Management Agency (FEMA) did not consistently apply the information technology (IT) access controls needed to restrict unnecessary access to its systems and information. Specifically, FEMA did not promptly remove or adjust system and information access when personnel separated or changed positions.
We conducted this evaluation to assess the maturity of HUD’s Robotic process automation (RPA) activities and determine whether HUD had implemented related controls to address technology and program management risks. RPA is a software technology used to emulate human actions on a computer. RPA software programs, referred to as “bots,” can complete repetitive tasks quickly and consistently, freeing up employees to work on other, higher value activities. RPA has the potential to increase business process efficiency, improve the effectiveness and consistency of mission services, and lower costs. However, because RPA interacts with HUD information technology (IT) systems and can be used within important agency business processes, it can introduce new technology and operational risks for HUD programs.We found that HUD lacked adequate controls and capacity to operate its RPA program efficiently and effectively. After more than 3 years since its inception, HUD’s program had achieved minimal progress and results. HUD lacked adequate internal controls and staffing capacity to effectively oversee and manage the program. HUD had not established a clear vision for the RPA program or set measurable metrics to define program success. HUD also did not maintain adequate oversight of bot development and operations to ensure that limited RPA program funds were used efficiently. Finally, HUD lacked important IT controls related to the security and auditability of its RPA system. As a result of these weaknesses, HUD missed opportunities to capitalize on the potential benefits of RPA and expended IT resources inefficiently on projects that provided minimal value.This evaluation report contains four recommendations for HUD to implement new internal controls and further develop its internal capacity to manage and oversee the RPA program. Appendix A of the report includes opportunities for improvement that will not be tracked as formal recommendations but are noted as general suggestions to improve HUD’s RPA program effectiveness.
