Federal Reports

Michael Devine, a former Fire, Life and Safety Assistant Supervisor based in New York, was found guilty on March 15, 2023, of one count of Grand Larceny in the Fourth Degree after a three-day bench trial in the Supreme Court of the State of New York. Devine created counterfeit Amtrak badges for himself and other employees and participated in a scheme with co-workers to use these fake badges and/or their official Amtrak badges to “swipe” each other in and out on Amtrak’s time and attendance machines. Devine resigned on December 10, 2021, and he is ineligible for rehire. A sentencing hearing is pending.

What We Looked AtThe Contractor Performance Assessment Reporting System (CPARS) is the official Governmentwide source for entering information on the past performance of Federal contractors. The assessments reported in CPARS can help provide a balanced view of contractor performance and give source selection officials valuable information to consider when making award decisions. This information is particularly important when officials need to make award decisions quickly, such as when responding during natural disasters or to the COVID-19 global pandemic and implementing new legislative requirements with short suspense dates. However, various reports issued by the Government Accountability Office have highlighted the lack of contractor performance information as an ongoing issue in the Federal Government. In addition, a 2017 Department of Defense (DoD) Office of Inspector General (OIG) audit found significant shortfalls in DoD’s contractor performance reporting. Given these issues, we initiated this audit to assess the Department of Transportation’s (DOT) compliance with requirements for reporting contractors’ past performance information. What We FoundDOT faces challenges in meeting Federal CPARS reporting guidance for the system’s registration and assessment deadlines. Specifically, Operating Administration officials assigned CPARS responsibilities frequently did not register contracts within 30 days of the award or complete contractor performance assessments within 120 days after the period of performance ended, as recommended. Overall, DOT’s ability to meet its CPARS timeframes is impacted by insufficient departmental oversight and guidance, other priorities and staffing issues, disagreements over contractor assessments, and inadequate training. Until the Department addresses these issues, DOT cannot ensure it is in compliance with CPARS guidance for reporting contractors’ past performance information. Also, source selection officials—looking to initiate new procurement actions—may question the value of or may not have the CPARS assessments they need to make timely award decisions. Our RecommendationsWe made 10 recommendations to improve DOT’s compliance with requirements for reporting contractors’ past performance information. DOT concurred with all 10 recommendations and provided appropriate planned actions and completion dates. We consider all recommendations as resolved but open pending completion of the planned actions.

This Office of Inspector General Comprehensive Healthcare Inspection Program report describes the results of a focused evaluation of the inpatient and outpatient care provided at the Amarillo Health Care System in Texas. This evaluation focused on five key operational areas:• Leadership and organizational risks• Quality, safety, and value• Medical staff privileging• Environment of care• Mental health (emergency department and urgent care center prevention initiatives)The OIG identified concerns within the medical staff privileging area of review:• Focused Professional Practice Evaluation processes• Privileging request review

The U.S. Environmental Protection Agency Office of Inspector General identified vulnerabilities related to the EPA's network structure, specifically, the Microsoft Office 365, or O365, environment in which little or no network segmentation exists between the EPA proper and the OIG. The EPA's 0365 administrators can modify OIG account settings as well as access and view sensitive data within the O365 environment without the knowledge or input of the OIG, including email and other data of senior OIG employees and sensitive shared email inboxes. Additionally, poor user access controls and limited event logging degrade the OIG's ability to determine details about user activity within the O365 environment.