Federal Reports

BackgroundCybersecurity, a major enterprise risk consideration, is the practice of protecting systems, networks, and programs from cyberattacks. Cyberattacks targeting the critical infrastructure are increasing in frequency and sophistication, making a well-defined, proactive cybersecurity approach critical. To address these threats, the U.S. Postal Service’s Corporate Information Security Office (CISO) focuses on five cybersecurity strategic objectives: protect, monitor, respond, manage, and innovate. What We DidOur objective was to assess the effectiveness of the Postal Service’s state of cybersecurity, specifically evaluating its (1) risk profile and organizational alignment with the cybersecurity strategy, (2) cybersecurity risk management process and vulnerability management program for consistency and appropriateness, and (3) enterprise security architecture processes for alignment with best practices.

At the request of the Tennessee Valley Authority's (TVA) Supply Chain, we examined the cost proposal submitted by a company for coal combustion residual (CCR) program management services. Our examination objective was to determine if the company's cost proposal was fairly stated for a planned 20-year contract.In our opinion, the company's cost proposal was overstated. Specifically, we found the company's proposed:Gallatin Fossil Plant (GAF) project for $364.1 million included (1) craft labor rates not compliant with TVA's Project Labor Agreement (PLA), (2) overstated markup rates, and <br> (3) excessive fee.Alternate GAF proposal for $361.5 million included overstated escalation on TVA's heavy equipment, in addition to the same overstated costs in the company's $364.1 million GAF proposal.Contract rate attachments included (1) overstated and incorrect labor and labor markup rates, (2) overstated equipment rates, and (3) overstated time and material (T&M) rates.We estimated TVA could avoid either (1) $20.1 million on the proposed $364.1 million GAF project or (2) $28.6 million on the alternate proposed $361.5 million GAF project by negotiating appropriate reductions to the proposals. In addition, we suggest TVA negotiate to revise the company's rate attachments to (1) comply with the PLA and (2) appropriately reduce the labor markup rates, equipment rates, and T&M rates.(Summary Only)

We reviewed prior oversight reports and identified lessons to help the EPA’s administration and oversight of IIJA grant awards. With IIJA appropriations, the EPA will receive approximately $55 billion in additional funding for grants over a five-year period.