Facing over $4.6 billion in potentially fraudulent Paycheck Protection Program (PPP) loans and continuing challenges with IT investments, the Small Business Administration (SBA) has yet to meet its goal to revise the agency’s Certify system by the end of 2021, according to SBA Inspector General Hannibal “Mike” Ware. […]

Information security remains a prevalent concern for the State Department based on numerous previous recommendations regarding fundamental information technology-related issues that still require close attention, according to a recent agency Office of Inspector General (OIG) report.

The report assesses 107 unclassified, open OIG recommendations from 19 reports addressed to the Bureau of Information Resource Management (IRM) as of July 30, 2021. OIG found that IRM had addressed three of the 107 recommendations and closed one duplicative recommendation related to risk management, one related to data protection and privacy, and one related to general IT policies. Additionally, OIG closed 14 recommendations in August 2021 as part of its normal compliance process.

However, the remaining 90 recommendations – 57 percent of which dated back to fiscal 2019 or earlier – remain relevant and require “close attention to close them,” the report read.

A larger number of the recommendations involve configuration management of products and systems to ensure information security. The other unaddressed recommendations pertain to several areas including as risk management, IT investments, contingency planning, and shared services.

To facilitate closing the remaining recommendations addressed to IRM, OIG made two recommendations to Carol Perez, the agency’s under secretary for management. OIG recommended her office develop a method for periodically reviewing IRM’s efforts – and indicated that step has since been taken.

OIG also recommended that Perez’s office verify IRM plans of action and milestones (POA&M) documented for all 90 recommendations. However, Perez disagreed with that recommendation, explaining that if the end goal is for IRM to solve open recommendations, developing an individual action plan for each recommendation is “overly cumbersome.”

“IRM’s staff, time, and resources are better spent working on compliance-related activities, maintaining a high standard of day-to-day operations, and communicating directly with OIG,” Perez wrote in her response to OIG.

However, OIG argued that under guidance from the National Institutes of Standards and Technology, agencies are required to develop a POA&M, and that Perez must submit a POA for the recommendation. […]

A recent report from the Department of Veterans Affairs (VA) Office of Inspector General (OIG) revealed limitations with the VA’s patient scheduling system, a component of the agency’s new electronic health record (EHR) system. […]

The State Department’s Office of Inspector General (OIG) said in a new report that it found deficiencies in State’s reporting of security clearance data to the Office of the Director of National Intelligence (ODNI) during fiscal year 2019. […]

While the COVID-19 pandemic pushed much of the Federal government to telework, a delay in IT Modernization efforts left the Passport Services Directorate forced to work in a paper-based environment during the pandemic, a new report from the State Department’s Office of the Inspector General (OIG) found. […]

The State Department’s Office of the Science and Technology Adviser (STAS) has been an asset for the State Department in the ten years since its inception. Still, a failure to develop implementation plans and constant personnel and leadership turnover hampered the agency’s overall effectiveness, according to a recent audit from the department’s Office of Inspector General (OIG). […]

The Office of Inspector General (OIG) at the U.S. Agency for International Development (USAID) found the agency needs to do more to strengthen its privacy program in order to better protect personally identifiable information (PII) and mitigate the risk of a privacy breach. […]

The State Department’s Office of Inspector General (OIG) has found in a follow-up audit that the agency’s Bureau of Information Resource Management (IRM) has taken corrective action on one of several recommendations the OIG made in 2016 to improve IT management practices, but said the bureau still has work to do on another four recommendations. […]

The Small Business Administration (SBA) Office of the Inspector General (OIG) said in its newly released annual Federal Information Security Modernization Act (FISMA) report for Fiscal Year 2020 that SBA’s  information security was “not effective” last year due in part to the COVID-19 pandemic. […]

A Department of Defense (DoD) Office of Inspector General (OIG) report found that 3D printers pose a cybersecurity risk to the agency, after discovering DoD employees were not properly securing the IT systems used to develop 3D products, and were unaware the 3D printers even had IT systems that could be hacked. […]

The Small Business Administration’s (SBA) Office of the Inspector General (OIG) has recovered over $1.1 billion in funds paid through the COVID-19 Economic Injury Disaster Loan Program (EIDL) that were initially granted based on false application information, SBA OIG said in a report released May 6. […]

Federal Offices of Inspectors General (OIGs) saved the government an estimated $53 billion through investigations in fiscal year 2020, the Council of the Inspectors General on Integrity and Efficiency (CIGIE) reported in its annual report to Congress and the President. […]

Federal Inspectors General have the crucial task of agency oversight, often handling that job for large agencies while operating on relatively small budgets. To keep up with their responsibilities amid the COVID-19 pandemic, IG offices have had to leverage new technologies – and old technologies in new ways – over the past year-plus, IG officials explained today. […]

The Energy Department’s (DoE) Office of the Inspector General (OIG) found in a new audit that the agency needs to take action to improve planning for the restoration of information systems in the case of system disruptions. […]

In a report by the Office of Inspector General (OIG) for the Department of State that identifies the most significant management and performance challenges, the OIG found information security and management as one of those seven challenges. […]

The Department of Homeland Security’s (DHS) Office of the Inspector General (OIG) has flagged several ongoing IT management issues at the agency as part of its annual report of major management and performance challenges facing DHS. […]

The U.S. Department of Transportation (DOT) Office of Inspector General (OIG) said in a memorandum that it plans to audit the security of the Federal Transit Administration’s (FTA) financial management systems. […]

The Treasury Department’s Office of Inspector General (OIG) said in a new information memorandum that IT Acquisition, and Project Management and Cyber Threats, remain from the previous year as two of five management and performance challenges for the agency. […]

The Small Business Administration (SBA) Office of Inspector General (OIG) has released its report on performance challenges facing the agency for fiscal year 2021, including a new challenge related to the impact of the COVID-19 pandemic. […]

According to a new report by NASA’s Office of Inspector General (OIG), NASA is not adequately securing its networks from unauthorized access by IT devices, and has not fully implemented controls to remove or block unauthorized IT devices from accessing the agency’s networks and systems. […]

The Office of Personnel Management (OPM) made progress during Fiscal Year 2019 on cybersecurity issues, and closed eight prior recommendations from its Office of Inspector General (IG) during the year, according to the IG’s 2019 Federal Information Security Modernization Act (FISMA) audit. […]

An Office of the Inspector General (OIG) report cites prosecuting cybercrime in the age of encryption, maintaining election security, and protecting its own IT systems as areas of top management and performance challenges facing the Department of Justice (DOJ). […]

The General Services Administration’s (GSA) financial and award data was of “higher” quality and in compliance with Office of Management and Budget (OMB), Treasury Department, and Digital Accountability and Transparency (DATA) Act standards as of late 2018, according to a GSA Office of Inspector General (OIG) report. […]

The Securities and Exchange Commission (SEC) Office of Inspector General (OIG) has identified several management and performance challenges at the agency in a report dated Oct. 7. […]

An Office of Inspector General (OIG) report released today says that one of the Federal Trade Commission’s (FTC) top management challenges is securing its information systems and networks from destruction, data loss, and compromise, based on an audit covering Fiscal Year 2018. […]

The Government Accountability Office’s (GAO) compliance with the Digital Accountability and Transparency Act (DATA Act) for the first quarter of FY2019 was timely and complete but still has room for improvement, according to a Sept. 27 Office of Inspector General (OIG) report. […]

With the upcoming release of the Federal Data Strategy’s final action plan on the horizon, Federal chief data officers (CDOs) agreed on Sept. 25 that the strategy holds plenty of promising features to advance their work, including an official CDO council that will help them share ideas and experiences. […]

A new report from the Federal Housing Finance Agency (FHFA) Office of Inspector General (OIG) finds that FHFA doesn’t have an agency-wide cybersecurity incident data analysis program based on a consistent data set, and that it lacks sufficient information to conduct trend or other time-series analyses for security purposes. […]

The Environmental Protection Agency’s (EPA) reorganization led to gaps in the agency’s compliance with IT policies for its Enterprise Customer Service Solution (ECSS) system, according to an EPA OIG report released August 19. […]

A Federal hiring freeze ordered in a January 2017 presidential memo resulted in “significant” staffing reductions across the State Department – including the inability to fill two Senior Executive Service cybersecurity positions, which then delayed implementing an enterprise risk management program for IT systems. […]