Federal Reports

What We Looked AtUnmanned Aircraft Systems (UAS), commonly known as “drones,” are rapidly growing in number in the National Airspace System. Currently, there is limited infrastructure available to manage widespread expansion of small UAS operations in low-altitude airspace (below 400 feet) where the Federal Aviation Administration (FAA) does not provide air traffic services. Congress directed FAA to conduct activities that will allow implementation of UAS Traffic Management (UTM), including a UTM Pilot Program. Citing the importance of UAS traffic management, the Ranking Members of the House Committee on Transportation and Infrastructure and its Aviation Subcommittee requested that we evaluate FAA’s efforts to develop and implement UTM, including the pilot program and any interactions FAA has had with other Government agencies. Our objectives were to assess FAA’s (1) progress with UTM development and implementation, including results of its UTM Pilot Program, and (2) collaboration with other Government agencies regarding UTM. What We FoundFAA has made initial progress in developing a UTM framework and testing UTM concepts through the UTM Pilot Program. For example, FAA continues to develop and refine its concept of operations and has deployed some initial UTM capabilities, such as an automated system for authorizing UAS operations near airports. However, FAA has not established milestones for implementing the policies and processes necessary to allow for UTM deployment or finalized how the Agency plans to use the UTM Pilot Program results to inform near-term efforts. While UTM stakeholders stated that the pilot program was successful, they noted common areas of concern with UTM implementation, such as slow progress, the need for additional rules for remotely identifying UAS, and lack of information on next steps. In addition, FAA has not yet completed coordination with other Government agencies. Our RecommendationsFAA concurred with two of our four recommendations to improve FAA’s efforts to develop and implement a UTM and partially concurred with the other two. Based on FAA’s response, we consider all four recommendations resolved but open pending completion of planned actions.

What We Looked AtThis report presents the results of our quality control review (QCR) of an audit of the Department of Transportation’s (DOT) information security program and practices. The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies’ information security programs and report the results to the Office of Management and Budget. To meet this requirement, we contracted with CliftonLarsonAllen LLP (CLA) to conduct this audit subject to our oversight. The audit objective was to determine the effectiveness of DOT’s information security program and practices in five function areas—Identify, Protect, Detect, Respond, and Recover. What We FoundOur QCR disclosed no instances in which CLA did not comply, in all material respects, with generally accepted Government auditing standards. Our RecommendationsDOT concurs with all eight of CLA’s recommendations. CLA considers all eight recommendations resolved but open pending completion of planned actions.

“According to the Centers for Disease Control and Prevention (CDC), lead-based paint and lead-contaminated dust are some of the most widespread and hazardous sources of lead exposure for young children in the United States. When lead-based paint peels and cracks, it results in lead-contaminated paint chips and dust. Children can be poisoned if they chew on surfaces coated with lead-based paint, eat flaking paint chips, or eat or breathe in lead dust. CDC has reported that there is no safe blood lead level in people and there is no cure for lead poisoning, which is why it is important to prevent exposure to lead, especially among young children. Approximately 126,380 public housing buildings and 696,260 units were built before 1978, which was the year the Federal Government banned lead-based paint. As of March 2022, HUD’s Real Estate Assessment Center—an office within HUD’s Office of Public and Indian Housing—was establishing the Environmental Shared Services office (ESS) to improve its risk assessment and inspection capabilities for health and safety hazards, including lead-based paint hazards. ESS will provide insight into potential and existing environmental hazards, compliance issues, and data gaps to improve HUD’s decision making and facilitate allocating resources to drive effective hazard management strategies. As part of its purpose, ESS will rank risks related to four environmental hazards—carbon monoxide, mold, lead, and radon. In establishing its risk-ranking model, ESS identified five indicators for its lead risk ranking. Using the best available data collected from both HUD and sources external to HUD, we identified nine indicators of potential risk for lead-based paint hazards in public housing:American Healthy Homes Survey II estimated regional percentage of lead-based paint hazards.Number and percentage of public housing units in the region constructed before 1978.Number of recorded children with EBLLs living in public housing.Number of substandard or troubled Public Housing Assessment System scores.Number of public housing agencies (PHA) on the Lead-Based Paint Response tracker.Amount of funding received from HUD’s Lead-Based Paint Capital Fund or Housing Related Hazards Capital Fund grant programs.Amount of funding received from CDC childhood lead poisoning prevention programs.Number and percentage of confirmed EBLLs in tested children greater than 5 µg/dL, as reported by CDC.Lead Exposure Risk Index.Based on our analysis of these nine risk indicators, we identified five HUD regions and six States within those regions—New York, Pennsylvania, Georgia, Kentucky, Illinois, and Texas—with the most potential risk of having PHAs with lead-based paint hazards. In addition, our analysis identified eight other States that, while not measuring as the most at-risk State in their respective regions, also have a higher potential risk of having lead-based paint hazards. Although HUD has identified its own risk indicators for lead-based paint hazards, of which four overlap with our indicators, this report may be helpful to HUD as it continues identifying and evaluating risk indicators and evaluating how well those indicators are identifying potential issues of lead-based paint in HUD-assisted public housing.”

An Amtrak Electronic Specialist and a Maintainer based in Newark, New Jersey, resigned in lieu of their disciplinary hearings on September 14, 2022, and September 27, 2022, respectively. We determined that Keith Kovaleski, an Assistant Foreman based in New York who is currently awaiting sentencing after pleading guilty on March 21, 2022, to conspiring to distribute misbranded and unapproved new drugs, paid the two former employees to set up financial accounts to accept payments on behalf of Kovaleski for his illegal activities in exchange for a portion of the proceeds. In addition, the Maintainer received packages at his home for Kovaleski that contained misbranded and/or unapproved new drugs from Kovaleski’s company, All American Peptide (AAP). The Electronic Specialist ordered and received misbranded and/or unapproved new drugs from AAP at his home. The former employees are ineligible for rehire.

As required by FISMA, OIG reviewed USDA’s ongoing efforts to improve its information technology security program and practices during FY 2022.

The Geospatial Data Act of 2018 (Act) was signed into law in October 2018 to help develop, drive, and manage the National Spatial Data Infrastructure, which includes the technology, policies, criteria, standards, and employees necessary to promote geospatial data sharing throughout Federal, state, tribal, and local governments, and the private sector. The Act outlines requirements for Federal geospatial data governance structures, encourages organized use and collaboration within agencies, and promotes broader sharing of geospatial data—information linked to specific geographic locations—across agencies. The Act requires the Office of Inspector General to report on the Department of Energy’s collection, production, acquisition, maintenance, distribution, use, and preservation of geospatial data. In particular, the Office of Inspector General shall evaluate compliance with: (1) standards for geospatial data, including metadata for geospatial data established under the Act; (2) the agency responsibilities and requirements under the Act; and (3) limitations on the use of Federal funds under the Act. In September 2020, we released the results of our inaugural review that evaluated the Department’s initial efforts to implement the Act. At that time, we found that although the Department had initiated or completed actions related to each of the covered agency responsibilities, we identified that it had not fully implemented 12 of the 13 requirements outlined in the Act.We conducted our current audit to determine whether the Department met the requirements of the Act. This report documents the results of our test work.Due to limitations with agencies’ abilities to implement the Act, our test work was limited to identifying the Department’s efforts to implement the 13 covered agency responsibilities contained in Section 759 of the Act. In particular, the Federal Geographic Data Committee had not yet adopted or endorsed any Geospatial Data Theme Standards at the time of our review. As such, and consistent with current guidance issued by the Council of the Inspectors General on Integrity and Efficiency, we did not evaluate the effectiveness of the Department’s efforts to implement these standards or to limit the use of Federal funds for geospatial data at this time. Our audit found that while the Department had taken some additional steps to implement the Act since our initial report in September 2020, significant work remained to fully implement the Act’s requirements. Specifically, the Department had completed additional actions related to the 13 covered agency responsibilities; however, we identified that it still had not fully implemented 12 of the requirements. For instance, we found:• Although the Department prepared and published a geospatial data strategy in support of the strategic plan for the National Spatial Data Infrastructure, as required by the Act, it had not implemented the strategy to advance geographic information, related geospatial data, and activities appropriate to its mission. • The Department also had not completed its geospatial data inventory and, therefore, could not optimize data integration between its geospatial users. Further, the Department had not ensured that all geospatial data included metadata and that the metadata was available through the GeoPlatform, as required by the Act.These concerns occurred, in part, because progress on the development and issuance of an implementation plan for the Department of Energy Geospatial Data Management Strategy 2021–2025 had been delayed. Additionally, there was confusion among program and site officials about the amount and types of geospatial data that existed within the Department. We also noted a general lack of awareness of the Department’s centralized geospatial data information sites dedicated to the sharing of geospatial data best practices and tools.Although we determined that the Department had made progress since our last review, significant work remains for it to meet the Act’s requirements. We made three recommendations that, if fully implemented, will improve understanding and implementation of the Act. In particular, we recommend that the Department’s Chief Information Officer: (1) determine the actions, milestones, and resources needed to fully implement the Department of Energy Geospatial Data Management Strategy 2021–2025 and issue a corresponding implementation plan to the Department’s geospatial data users; (2) develop and implement a process to increase engagement with the Department’s program offices and field sites to ensure that the requirements of the Act are better understood; and (3) develop a mechanism to ensure all Department program offices and field sites can access the Department’s centralized geospatial data information.