Open Recommendations

The Chief, Taxpayer Services, and Chief, Tax Compliance Officer, should analyze the 8,452 individual and 31,967 business cases that we identified and determine whether additional programming or procedural errors exist in the process of offsetting refunds and credit elects. Take appropriate corrective action to prevent erroneous refunds and credit elects in the future.

The Chief Information Officer should ensure that the requested programming changes are implemented by January 2026.

The Chief, Taxpayer Services, and Chief, Tax Compliance Officer, should remove the erroneous LLC indicator from the 76 sole proprietorship accounts.

We recommend that USAID/Uganda verify that Agency for Cooperation in Research and Development Uganda corrects the one instance of material noncompliance detailed on page 35 of the audit report.

We recommend that the Centers for Medicare & Medicaid Services instruct the SSAs to follow up with the five nursing homes (three nonprofit and two Government-owned) that may not have complied with Federal requirements to verify that they have taken corrective actions.

We recommend that the Health Resources and Services Administration require the OPTN IT system contractor to remediate the 22 vulnerabilities identified and verify that the 22 vulnerabilities identified were remediated.

We recommend that the Health Resources and Services Administration require the OPTN IT system contractor to improve network monitoring by implementing NIST SP 800-53, Revision 5, for the OPTN IT system, to include data loss prevention technology to prevent unauthorized exfiltration of information (Control SC-7(10)) and red-team exercises to simulate attempts by adversaries to compromise organizational systems (Control CA-8(2)).

We recommend that the Health Resources and Services Administration implement procedures to help ensure that the OPTN IT system contractor maintains compliance with federally required cybersecurity controls policies and standards on a continuing basis.

Castro recommends Treasury OIG follow-up with Guam's management to confirm the transactions noted as unsupported expenditures within the Direct Payments greater than or equal to $50,000, Aggregate Reporting less than $50,000, and Aggregate Payments to Individuals can be supported. If support is not provided, Treasury OIG should recoup the funds or request that Guam management provide support for replacement expenses, not previously charged, that were eligible during the CRF period of performance. Further, based on the Government of Guam's responsiveness to Treasury OIG's requests and its ability to provide to provide sufficient documentation and/or replace unsupported and ineligible transactions charged…

We recommend that USAID/Tanzania verify that Tanzania Women Lawyers Association corrects the one material weakness in internal control detailed on page 23 of the audit report.

We recommend that USAID/Tanzania verify that Tanzania Women Lawyers Association corrects the one instance of material noncompliance detailed on page 27 of the audit report.

We recommend that CGS Administrators, LLC discontinue its practices that limit the reopening of prior years' cap calculations and start reopening all prior years' cap calculations.

We recommend that CGS Administrators, LLC revise its policies and procedures so that it meets the reopening deadlines established in Federal requirements.

We recommend that CGS Administrators, LLC conduct the prior years' hospice cap calculations for the five hospices with UPIC recoupments and collect any additional overpayments.

We recommend the Vice President, Contracts and Rates Strategy, Pricing and Contracts formalize and update the cost of service study internal guidance, and develop a cadence for review and approval.

We recommend the Vice President, Contracts and Rates Strategy, Pricing and Contracts evaluate the inclusion of Valley Investment Initiative and Performance Grant credits, as well as any other local power company or customer specific costs going forward, as part of the cost of service study.

The Chief, FMSS, should ****** **** ******* ****** *** ********* *** ********* ** ******** ** **** ***** * *** * *************** ** ******** ****** ****** *** ******** **************** ** *********

The Chief, FMSS, ****** ***** *** *** ************** ** ********* * **** ** *** *********** *********** ***** ****** **** **** ** **** *** ******* **** *** ************** ** **********

The Chief, FMSS, ****** ****** **** *** ** ********* ** ******* ******** ** *** *** ******** ******** *** ***** ** ******** **** **********

Ensure the Wyoming DVS implements policies and procedures and maintains documentation to support its methodology for allocating at least 10 percent of the total grant funds to priority funding program areas as required by the VOCA Guidelines.

Ensure the Wyoming DVS enhances its risk assessment policies and procedures to help ensure that the risk rating more appropriately reflects the specific factors that most lead to risk of noncompliance.

Remedy $93,696 in unsupported pass-through entity expenditures.

We recommend that the Puerto Rico Health Department (the Health Department) update its policies and procedures to conform to Federal procurement standards—including policies and procedures related to contracts for leases, goods, and nonprofessional services—and to address the role of the Oversight Lead and the certification process.

We recommend that the Puerto Rico Department of Health (the Health Department) provide training to staff on policies and procedures.

OCIO to develop and implement a plan to remediate all identified critical, high, and medium vulnerabilities identified on OCIO devices providing services to Federal Highway information technology infrastructure within organization defined time periods required by DOT's Security Weakness Management Guide.