Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Topic: "Auditing and Financial Management"

    95 publications with a total of 327 open recommendations including 70 priority recommendations
    Director: Asif A. Khan
    Phone: (202) 512-9869

    2 open recommendations
    Recommendation: The DHS Under Secretary for Management should develop and implement effective processes and improve guidance to reasonably assure that future AAs fully follow AOA process best practices and reflect the four characteristics of a reliable, high-quality AOA process. (Recommendation 1)

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The DHS Under Secretary for Management should improve the Risk Management Planning Handbook and other relevant guidance for managing risks associated with financial management system modernization projects to fully incorporate risk management best practices, including (1) defining thresholds to facilitate review of performance metrics to determine when risks become unacceptable; (2) identifying and analyzing risks to include periodically reconsidering risk sources, documenting risks specifically related to the lack of sufficient, reliable cost and schedule information needed to help properly manage and oversee the project, and timely disposition of IV&V contractor-identified risks; (3) developing risk mitigation plans with specific risk-handling activities, the costs and benefits of implementing them, and contingency plans for selected critical risks; and (4) implementing risk mitigation plans to include establishing periods of performance for risk-handling activities and defining time intervals for updating and certifying the accuracy and completeness of information on risks in DHS's risk register. (Recommendation 2)

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: J. Lawrence Malenich
    Phone: (202) 512-9399

    7 open recommendations
    Recommendation: To help ensure that agencies' civil monetary penalties are adjusted timely and keep pace with inflation, the Acting Administrator of the General Services Administration (GSA) should publish the initial catch-up inflation adjustment in the Federal Register.

    Agency: General Services Administration
    Status: Open

    Comments: GSA agreed with our recommendation and stated that it is developing a comprehensive plan to address the recommendation. GSA also stated that its projected time frame for publishing the catch-up inflation adjustment ruling is the end of October 2017, after completing the review and concurrence process.
    Recommendation: To help ensure that agencies' civil monetary penalties are adjusted timely and keep pace with inflation, the Acting Chairman of the National Transportation Safety Board (NTSB) should publish the initial catch-up inflation adjustment in the Federal Register.

    Agency: National Transportation Safety Board
    Status: Open

    Comments: In an e-mail commenting on our draft report, the Governmental Affairs Liaison at NTSB stated that NTSB plans to publish the initial catch-up inflation adjustment in October 2017.
    Recommendation: To help ensure that agencies' civil monetary penalties are adjusted timely and keep pace with inflation, the Secretary of Agriculture (USDA) should publish the initial catch-up inflation adjustment in the Federal Register.

    Agency: Department of Agriculture
    Status: Open

    Comments: In response to our request for comments on our draft report and recommendation to USDA, the Attorney-Advisor in the Office of General Counsel at USDA stated in an e-mail that USDA did not have any comments.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Chairman of the Federal Election Commission (FEC) should publish civil monetary penalties within its jurisdiction, including any penalty adjustments, in FEC's 2017 AFR.

    Agency: Federal Election Commission
    Status: Open

    Comments: In response to our request for comments on our draft report and recommendation to FEB, the Director of Congressional, Legislative and Intergovernmental Affairs at FEC stated in an e-mail that FEC had no comments.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Acting Chairman of the Federal Maritime Commission (FMC) should publish civil monetary penalties within its jurisdiction, including any penalty adjustments, in FMC's 2017 AFR.

    Agency: Federal Maritime Commission
    Status: Open

    Comments: In responding to our draft report, FMC stated that it plans to publish updates to its civil monetary penalty information in its 2017 performance and accountability report.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Chairman of the National Indian Gaming Commission (NIGC) should publish civil monetary penalties within its jurisdiction, including any penalty adjustments, in the Department of the Interior's 2017 AFR.

    Agency: National Indian Gaming Commission
    Status: Open

    Comments: In response to our request for comments on our draft report, NIGC stated that it generally agreed with our recommendation. In addition, NIGC stated that as an independent federal regulatory agency within the Department of the Interior (DOI), NIGC and DOI have developed procedures to ensure that the required civil monetary penalty information will be reported to DOI for its annual agency financial report starting with fiscal year 2017.
    Recommendation: To help ensure timely and complete reporting of agencies' civil monetary penalty information in agency financial reports (AFR) and to provide the Office of Management and Budget (OMB) and other decision makers with the information needed to help ensure the effectiveness of civil monetary penalties in enforcing statutes and preventing violations, the Director of OMB should clarify its guidance related to civil monetary penalty inflation adjustment information that agencies are required to report in the AFRs.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: In response to our request for comment, OMB staff stated that they generally agreed with our recommendation.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    15 open recommendations
    including 4 priority recommendations
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to annually report improper payment estimates and error rates for the advance PTC program.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that in FY 2016, it completed a risk assessment of the advance PTC program and reported results in the FY 2016 Agency Financial Report. Currently, HHS is unable to specify the year the rate and amount will be reported due to the complexity and timing of the error rate measurement methodology process, which involves conducting pilot testing, using those pilots to refine the methodology, and then undergoing the rulemaking process before implementing the methodology to ensure accurate and efficient reporting of an improper payment rate.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, and until annual reporting of improper payment estimates and error rates for the advance PTC program is performed, the Secretary of Health and Human Services should direct the Administrator of CMS to disclose significant matters relating to the Improper Payments Information Act (IPIA) estimation, compliance, and reporting objectives for the advance PTC program in the agency financial report, including CMS's progress and timeline for expediting the achievement of those objectives and the basis for any delays in meeting IPIA requirements.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that it reported information on the status of the advance PTC risk assessment in the FY 2014 to FY 2016 Agency Financial Reports. Now that the program's improper payment risk assessment is completed, HHS will continue to report on its progress in designing and implementing an improper payment estimate for the advance PTC program in future Agency Financial Reports.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to design and implement procedures for verifying the identities of phone and mail applicants to reasonably assure that ineligible individuals are not enrolled in qualified health plans in the marketplaces or provided advance PTC.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS neither agreed nor disagreed with this recommendation. However, regarding verification of filer identity, HHS stated that for individuals starting a new application via phone, the call center representatives use verbal attestations for identity verifications from individuals. HHS stated that for paper applications, individuals must provide names and complete addresses as well as other information. In addition, HHS stated that individuals must attest that the information they provide on all applications is accurate by signing under penalty of perjury. GAO continues to believe that because CMS does not validate the identities of individuals who apply by phone or mail, CMS is vulnerable to enrolling ineligible individuals in qualified health plans with advance PTC.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to assess and document the feasibility and availability of obtaining sufficiently reliable data to verify individuals' residencies and lack of minimum essential coverage from nonfederal employers and, if appropriate, design and implement procedures for using such data in its verification processes.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that its previous assessments of available electronic data sources did not identify any comprehensive national data source for verifying residency. HHS recently conducted a study to assess the feasibility of developing an employer-sponsored coverage database and determined that development would be costly and highly burdensome given available resources. Additionally, HHS stated that it would impose extra burden on employers to collect the information needed to build a comprehensive employer-sponsored coverage database. HHS will continue to assess and document whether any sufficiently reliable data sources exist and examine the feasibility of implementation.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to design and implement procedures for sending notices to nonfederal employers routinely and terminating advance PTC for individuals who have access to minimum essential coverage from their employers.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS neither agreed nor disagreed with this recommendation. However, regarding sending notices to nonfederal employers, HHS stated that it is evaluating its 2016 employer notice program to determine the best approach for notifying employers in the future. Such an evaluation may provide useful information; however, GAO continues to believe that designing and implementing procedures for sending notices to nonfederal employers and terminating advance PTC to individuals with access to employer-sponsored coverage can reduce the risk of providing advance PTC to issuers on behalf of ineligible individuals.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to assess and document the feasibility of approaches for (1) identifying duplicate government-sponsored coverage for individuals receiving Medicaid and Children's Health Insurance Program coverage in federally facilitated marketplace states outside of the states where they attest to residing and (2) periodically verifying individuals' continued eligibility by working with other government agencies to identify changes in life circumstances that affect advance PTC9 eligibility--such as commencement of duplicate coverage or deaths-- that may occur during the plan year and, if appropriate, design and implement these verification processes.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that its preliminary analysis indicates that identifying government sponsored coverage for individuals receiving Medicaid and CHIP in Federally-facilitated Exchange states outside of the state where the applicant is enrolled in coverage would add several months to the time needed to execute the process of identifying duplicate enrollees and ending their advance PTC. Such additional time would significantly reduce the timeliness and effectiveness of the process and lead to an increase in burden on the state Medicaid systems used to verify duplicate coverage. HHS stated that it will continue this analysis and document the feasibility of approaches for identifying duplicate government sponsored coverage for individuals receiving Medicaid and CHIP coverage in Federally-facilitated Exchange states outside the application state of the consumer as well as periodically verifying individual's continued eligibility. In addition, HHS stated that it has implemented a Periodic Data Matching process to proactively identify consumers who may be receiving Minimum Essential Coverage through Medicare, and thus are no longer eligible for financial assistance to help pay for Exchange coverage. HHS is also exploring approaches to identifying Exchange enrollees who may be deceased and should thus be disenrolled from coverage.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to assess and document the feasibility of approaches for terminating advance PTC on a timelier basis and, as appropriate, design and implement procedures for improving the timeliness of terminations.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that it continues to assess the feasibility of terminating advance PTC at various times of the month as a result of consumers not resolving inconsistencies. HHS currently terminates advance PTC between the 1st and 15th of the month following the end of the inconsistency clock in order to accommodate issuer processes. HHS stated that processing in these cohorts also allows for operational and quality efficiencies for HHS since processes can be completed in batches.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to design and implement procedures for verifying compliance with applicable tax filing requirements--including the filing of the federal tax return and the Form 8962, Premium Tax Credit--necessary for individuals to continue to be eligible for advance PTC.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that the IRS provides information to Exchanges on consumers who received advance PTC in the prior coverage year but have not taken the necessary steps to file a tax return and reconcile advance PTC. Beginning in Open Enrollment for 2018, the Federally-facilitated Exchange will end advance PTC on behalf of the tax filers who have not filed or have not reconciled advance PTC when that information is reported to the Exchange by IRS.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to design and implement procedures for verifying major life changes using documentation submitted by applicants enrolling during special enrollment periods.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS concurred with this recommendation. HHS stated that it is continually monitoring the operations of the Exchange and has taken several steps to analyze and strengthen current rules and procedures to ensure that only those who are eligible enroll through special enrollment periods. While special enrollment periods provide a criticial pathway to coverage for qualified individuals who experience qualifying events, it's equally important that special enrollment periods are not misused or abused. HHS also stated that in April 2017, it issued a final rule on Market Stabilization that promotes program integrity by requiring individuals to submit supporting documentation for special enrollment periods and ensures that only those who are eligible are able to enroll. It will encourage individuals to stay enrolled in coverage all year, reducing gaps in coverage and resulting in fewer individual mandate penalties and help to lower premiums. This process will begin in June 2017.
    Recommendation: To improve annual reporting on PTC improper payments, control activities related to eligibility determinations, and calculations of advance PTC, the Secretary of Health and Human Services should direct the Administrator of CMS to design and implement procedures for verifying with IRS (1) household incomes, when attested income amounts significantly exceed income amounts reported by IRS or other third-party sources, and (2) family sizes.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS neither agreed nor disagreed with this recommendation. However, regarding verification of household income and family sizes, HHS stated that as part of its eligibility verification requirements, it verifies consumer-reported income with data from IRS. However, HHS stated that because household incomes may fluctuate year to year, it is difficult for consumers to project income for the year in advance. According to HHS, in instances where applicant-reported income is higher than the IRS data, HHS accepts the consumer attestation. However, HHS stated that it will assess the feasibility and burden on individuals of setting a reasonable threshold for the generation of annual household income inconsistencies that would require additional verification for consumer-attested income that significantly exceeds income amounts reported by IRS or other third party sources. We believe that such an evaluation is a reasonable step to address our recommendation to enhance the effectiveness and efficiency of the program related to verification of household income. In addition, HHS stated that it currently accepts attestation when the family size provided by the individual does not match IRS's records. HHS stated that establishing a process to verify family size with IRS would require significant operational and privacy complexity. While we recognize that there may be certain complexities in the verification of family sizes, it is important that CMS develop policies and procedures to reasonably assure that such verifications are made on a regular basis.
    Recommendation: To comply with improper payments reporting requirements and improve procedures related to processing PTC information on tax returns, the Commissioner of Internal Revenue should direct the appropriate officials to assess the program against applicable IPIA-defined thresholds and conclude on its susceptibility to significant improper payments, and revise the scope of its improper payments susceptibility assessment for the PTC program to include instances in which advance PTC is greater than or equal to the amount of PTC claimed on the tax return. If the program meets the IPIA definition for being susceptible to significant improper payments based on this assessment, estimate and report improper payments associated with the PTC program consistent with IPIA requirements.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open
    Priority recommendation

    Comments: The IRS partially agreed with this recommendation. IRS stated that instances in which the advance payment of the PTC is greater than or equal to the amount of the PTC claimed on the tax return do not result in the IRS increasing the outlay related to PTC, and so by definition these occurrences are not subject to IPIA, as amended. The IRS understands and shares the concern about the misreporting of items on tax returns, including cases where the taxpayer misreports excess advance PTC, but the IRS has many compliance programs that operate outside the scope of IPIA and that address taxpayer error and noncompliance. The IRS conducted its fiscal year 2016 PTC improper payment risk assessment consistent with guidance from the Office of Management and Budget (OMB), which concurred with our methodology. However, the IRS is committed to discussing with OMB a future change to the agreed-upon procedures to assessing PTC improper payments as part of our larger and ongoing discussions with OMB about the administration of refundable tax credits and the challenges of reporting those credits through the framework of improper payments legislation and guidance.
    Recommendation: To comply with improper payments reporting requirements and improve procedures related to processing PTC information on tax returns, the Commissioner of Internal Revenue should direct the appropriate officials to assess and document the feasibility of approaches for incorporating information from the marketplaces on individuals who did not demonstrate that they met the eligibility requirements for citizenship or lawful presence in the tax compliance process. If determined feasible, IRS should work with Treasury to require marketplaces to periodically provide such information on individuals and use such information to recover advance PTC made for those individuals.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: The IRS agreed with this recommendation. IRS stated that it will evaluate the feasibility of receiving information from the marketplaces, and the value of using that information in its processes. If IRS determines that obtaining the data would be feasible and using it would be cost-effective, IRS will consult with Treasury on regulations or other guidance needed to obtain the information. Although eligibility determinations for the advance PTC are made outside the IRS's purview, the IRS has taken steps to ensure that the PTC is administered fairly and properly. For example, IRS has updated guidance in Publication 974, Premium Tax Credit, to clarify that any advance payment of the PTC made on behalf of individuals who did not meet the citizenship or lawful presence requirements must be repaid in full. Taxpayers are required to report the excess advance PTC on their tax returns. If they do not, IRS will address it through post-filing compliance. We will request and review supporting documentation for IRS's reported actions.
    Recommendation: To comply with improper payments reporting requirements and improve procedures related to processing PTC information on tax returns, the Commissioner of Internal Revenue should direct the appropriate officials to assess whether IRS should require its examiners to verify health care coverage of individuals to determine eligibility for PTC. To do this, IRS should complete its evaluation of the level of noncompliance related to duplicate health insurance coverage. Based on this evaluation and if cost effective, IRS should design and implement formal policies and procedures to routinely identify individuals inappropriately receiving PTC because of their eligibility for or enrollment in health care programs outside of the marketplaces and notify such individuals of their ineligibility for PTC.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open
    Priority recommendation

    Comments: IRS agreed with this recommendation. IRS stated that it developed an Affordable Care Act (ACA) Compliance Strategy in October 2016, which included post-filing checks for the PTC. The IRS must rely upon post refund checks to verify if taxpayers had other healthcare coverage and therefore were not eligible to claim the PTC. For tax year 2017 the IRS plans to implement additional capabilities to evaluate coverage. The IRS will continue to evaluate the results and design and implement cost effective policies and procedures that routinely identify individuals inappropriately receiving PTC, as warranted.
    Recommendation: To comply with improper payments reporting requirements and improve procedures related to processing PTC information on tax returns, the Commissioner of Internal Revenue should direct the appropriate officials to design and implement procedures in the Internal Revenue Manual (IRM) for examiners in the post-filing compliance units to review tax returns for health insurance coverage for the entire year, and to identify and assess individual shared responsibility payments (SRP) from those who are not appropriately reporting SRPs on their tax returns.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open
    Priority recommendation

    Comments: IRS disagreed with this recommendation. However, IRS stated that, among other things, it has drafted a new IRM section for examiners who are responsible for reviewing tax returns to determine whether health insurance is reflected for the taxpayer for the entire year, and for identifying and assessing SRP on taxpayers who are not appropriately reporting SRP on their tax returns. IRS stated that the IRM section is pending approval by Exam Policy. Although IRS stated that it disagreed with our recommendation, we believe that the actions that IRS described in its response to our draft report would sufficiently address our recommendation if implemented effectively.
    Recommendation: To comply with improper payments reporting requirements and improve procedures related to processing PTC information on tax returns, the Commissioner of Internal Revenue should direct the appropriate officials to design and implement procedures in the IRM to regularly notify nonfilers of the requirement to file tax returns in order to continue to receive advance PTC in the future.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open
    Priority recommendation

    Comments: The IRS partially agreed with this recommendation. IRS stated that using a research-based approach to evaluate the 2015 tax filing season, it developed a post-compliance process for sending notices to individuals who received advance PTC paid on their behalf in the previous calendar year but failed to file a tax return and also to those who requested an extension to file. IRS stated that being flexible in its approach has allowed IRS to refine the process to improve efficiency and effectiveness. IRS further stated that based on the 2017 research analysis, IRS will determine whether the information should be included in an existing IRM. We agree that IRS should review its process to improve the efficiency and effectiveness of its operations. However, we continue to believe that designing and implementing procedures to regularly notify non-filers of the need to file to continue receiving advance PTC decreases the risk that the ad hoc notification process will not be followed consistently in each filing season.
    Director: Dawn B. Simpson
    Phone: (202) 512-3406

    3 open recommendations
    including 3 priority recommendations
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement procedures and metrics for monitoring the federal government's year-to-year progress in resolving intragovernmental differences for significant federal entities at the reciprocal category and trading partner levels.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, we identified this control deficiency related to monitoring intragovernmental differences. Treasury stated that it will continue to evolve its processes as deemed necessary to ensure that appropriate and effective metrics are deployed to measure and monitor agency performance. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of September 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement a sufficient process for working with federal entities to reduce or resolve the need for significant adjustments to federal entity data submitted for the CFS.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, we identified this control deficiency related to significant adjustments to federal entity data submitted for the CFS. Treasury stated that it will continue to work with agencies to facilitate improvement of processes, minimizing the need for Treasury adjustments to agency reporting. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of September 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB, to improve corrective action plans for (1) treaties and international agreements, (2) additional audit procedures for intragovernmental activity and balances, and (3) the Reconciliation Statements so that they include sufficient information to address the control deficiencies in these areas effectively.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, we identified improvements needed to corrective action plans in three areas. Treasury stated that its current remediation plan, including its various corrective action plans, is comprehensive, appropriate, and effective, with robust ongoing monitoring processes in place. However, we continue to believe that the corrective action plans in these three areas do not include sufficient information to effectively address related control deficiencies involving processes used to prepare the CFS. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of September 2017.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    1 open recommendations
    Recommendation: The Secretary of Defense should direct the Office of the Under Secretary of Defense (Comptroller) to provide guidance in the DOD Financial Management Regulation on the timing of when DOD managers should use available tools to help ensure that monthly cash balances are within the upper and lower cash requirements.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with this recommendation and stated that it plans to update the DOD Financial Management Regulation as we recommended to provide additional guidance on the timing of when DOD managers should use available tools to help ensure that monthly cash balances are within the upper and lower cash requirements. DOD also stated that this change will be incorporated for the fiscal year 2019 President's Budget submission and subsequent budgets.
    Director: Malenich, J Lawrence
    Phone: (202) 512-3406

    9 open recommendations
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to develop a mechanism that captures all of the key factors to be considered, such as materiality and risk, when designing the evaluation of internal control over financial reporting and collaborate, as appropriate, with the Inspector General to develop a similar mechanism for use by FHFA-OIG.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. FHFA is in the process of developing a mechanism that captures key factors, including risk and materiality, when designing the evaluation of internal control over financial reporting. This mechanism will be documented for the FY 2017 evaluation of internal control over financial reporting. FHFA and FHFA OIG are collaborating in these efforts.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to coordinate with the Inspector General, as appropriate, when calculating materiality thresholds to reasonably assure that materiality determinations are appropriate for the agency as a whole and rationale is adequately documented.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. During the FY 2017 evaluation of internal control over financial reporting, FHFA will coordinate with the FHFA OIG when calculating materiality thresholds to reasonably assure that materiality determinations are appropriate for the Agency as a whole and the rationale is adequately documented.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to coordinate with the Inspector General, as appropriate, to assess and document the aggregate effect of all deficiencies identified at the agency-wide level during the evaluation of internal control over financial reporting.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. FHFA will coordinate with the FHFA OIG during the FY 2017 evaluation of internal control over financial reporting to assess and document the aggregate effect of all deficiencies identified at the Agency-wide level.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to (1) summarize in sufficient detail by internal control principle those activities from the program offices that have an effect on internal control over financial reporting to reasonably assure the consideration of all internal control components and related principles; (2) collaborate, as appropriate, with the Inspector General to implement corresponding actions at FHFA-OIG; and (3) document how that information is used to conclude on the internal control components and related principles for financial reporting.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. During the FY 2017 evaluation of internal control over financial reporting, FHFA will summarize by internal control principle those activities from the program offices that have an effect on internal control over financial reporting to reasonably assure the consideration of all internal control components and related principles. FHFA will also document how information is used to conclude on the internal control components and related principles for financial reporting activities that are evaluated. FHFA will collaborate with FHFA OIG in these efforts.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to enhance the evaluation of internal control over financial reporting by identifying and testing all key control activities, including those related to the preparation of the financial statements.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. FHFA will enhance the FY 2017 evaluation of internal control over financial reporting by identifying and testing all key control activities, including those related to the preparation of the financial statements.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to (1) thoroughly document FHFA's review of SSAE No. 16 reports issued for the period under evaluation by reasonably assuring that all applicable control objectives and related control activities are clearly identified and described and the evaluation of user entity controls is adequately explained and (2) collaborate, as appropriate, with the Inspector General to implement corresponding actions at FHFA-OIG.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. During the FY 2017 evaluation of internal control over financial reporting, FHFA will thoroughly document FHFA's review of SSAE No. 16 reports issued for the period under evaluation by reasonably assuring that all applicable control objectives and related control activities are clearly identified and described and the evaluation of user entity controls is adequately explained. FHFA will collaborate with the FHFA OIG during these efforts.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to (1) clearly define and document an approach that identifies the information systems that are key to financial reporting, the process areas these information systems support, the key control activities for each information system, and how the key control activities are evaluated and (2) collaborate, as appropriate, with the Inspector General to implement corresponding actions at FHFA-OIG.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. During the FY 2017 evaluation of internal control over financial reporting, FHFA will clearly define and document an approach that identifies the information systems that are key to financial reporting, the process areas these information systems support, the key control activities for each information system, and how the key control activities are evaluated. FHFA will collaborate with the FHFA OIG in these efforts.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to collaborate, as appropriate, with the Inspector General to (1) develop a complete list of the specific provisions of laws and regulations that may have an effect on material amounts and related disclosures in the financial statements that are applicable to FHFA-OIG and (2) prepare documentation that clearly links each applicable provision of law or regulation to the key control activities tested.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. FHFA will collaborate with the FHFA OIG to develop a complete list of the specific provisions of laws and regulations that may have an effect on material amounts and related disclosures in the financial statements that are applicable to the FHFA OIG and prepare documentation that clearly links each applicable provision of law or regulation to the key control activities tested.
    Recommendation: The Director of the Federal Housing Finance Agency should direct the Chief Financial Officer to design an evaluation process that reasonably assures assignment of independent roles between the implementation and monitoring of control activities that are significant to the evaluation of internal control over financial reporting.

    Agency: Federal Housing Finance Agency
    Status: Open

    Comments: FHFA agreed with this recommendation. FHFA is designing an evaluation process that reasonably assures assignment of independent roles between implementation and monitoring of control activities that are significant to the evaluation of internal control over financial reporting. To this end, FHFA has hired an independent contractor to aid in the evaluation process for FY 2017, and has involved staff from FHFA's Office of Quality Assurance in the FY 2017 evaluation process to reasonably assure independent roles between monitoring and implementation going forward.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To help ensure that government-wide compliance under IPERA is consistently determined and reported, the Director of OMB should coordinate with CIGIE to develop and issue guidance, either jointly or independently, to specify what procedures should be conducted as part of the IGs' IPERA compliance determinations.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: OMB had no comments on the report or the recommendation to coordinate with CIGIE to develop guidance. Although this recommendation was not directed to CIGIE, the CIGIE Chairperson stated that CIGIE would coordinate with OMB as needed and provide feedback on any draft OMB guidance.
    Recommendation: To help fulfill USDA's requirements under IPERA and OMB guidance--that agencies submit proposals to Congress when a program reaches 3 or more consecutive years of noncompliance with IPERA criteria--the Secretary of Agriculture should submit a letter to Congress detailing proposals for reauthorization or statutory changes in response to 3 consecutive years of noncompliance as of fiscal year 2015 for its Farm Security and Rural Investment Act Program. To the extent that reauthorization or statutory changes are not considered necessary to bring a program into compliance, the Secretary or designee should state so in the letter.

    Agency: Department of Agriculture
    Status: Open

    Comments: USDA's Acting Deputy Secretary concurred with this recommendation.
    Director: Clark, Cheryl E
    Phone: (202)512-9377

    10 open recommendations
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to develop and implement a process to reasonably assure that IRS operating divisions and the information technology (IT) organization effectively coordinate with the Chief Financial Officer (CFO) organization when making programming changes to information systems affecting financial reporting.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that by December 2017, the Information Technology (IT) organization, in collaboration with the Chief Financial Officer (CFO) organization, will develop and implement a process to reasonably assure that IRS operating divisions and the IT organization effectively coordinate with the CFO organization when making programming changes to information systems affecting financial reporting. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to research and determine the reason the IT organization did not follow IRS policy to thoroughly test programming changes related to the automation of specific penalty abatement procedures to reasonably assure that they worked as intended before implementation. Based on this determination, the IRS Commissioner should direct the appropriate IRS officials to establish a process to better ensure compliance with existing policies for testing programming changes, including the use and review of the Applications Development transmittal checklist when developing program changes and retention of test results.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that by June 2018, the IT organization will research IRS policies and practices for testing programming changes to determine what modifications may be needed to reasonably assure programming changes work as intended before implementation. Based on this research, the IT organization will update the affected policies and implement any related process changes, as needed. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to strengthen the process for reasonably assuring that the Internal Revenue Manual (IRM) is reviewed annually to align with the current control procedures and guidance being implemented by agency personnel. This should include a mechanism for reasonably assuring that program owner directors (1) review their respective program control activities and related guidance annually and timely update the IRM as needed, (2) document their reviews, and (3) utilize interim guidance and supplemental guidance correctly for their intended purposes.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that by March 2018, the Research, Applied Analytics and Statistics organization will strengthen the process to reasonably assure that all IRMs are reviewed annually to align with the current control procedures and guidance being implemented by IRS personnel. This will include a mechanism to reasonably assure that program owner directors (1) review their respective program control activities and related guidance annually, and update the IRM timely, if needed; (2) document their reviews; and (3) use interim guidance and supplemental guidance correctly for their intended purposes. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to ensure that the respective Agency-Wide Shared Services IRM and supplemental guidance related to the frequency of performing (1) emergency/alarm contact-list validation, (2) duress alarm inventory validation, and (3) federal security risk assessments are consistent.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation and considers it closed. IRS stated that in February 2017, the Agency-Wide Shared Services (AWSS) organization updated SOP-17-0002, Alarm Notification, Testing and Maintenance, to synchronize the frequency of performing (1) emergency/alarm contact-list validation; (2) duress alarm inventory validation; and (3) federal security risk assessments, with revised IRM 10.2.14.9, Methods of Providing Protection, Detection Equipment, and IRM 10.2.11.2.5 (3), Facility Security Risk Management. We will assess IRS's actions during our fiscal year 2017 financial statement audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to update the respective (1) Privacy, Governmental Liaison and Disclosure and (2) CFO IRM sections related to the definition of the tax gap to align with the current understanding followed by IRS personnel.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that in April 2017, the CFO organization updated IRM 1.34.1.2 (124) Revenue Accounting, Definitions and Acronyms, to align the tax gap definition with the current understanding followed by IRS personnel. Further, by February 2018, the Privacy, Governmental Liaison and Disclosure organization will remove the tax gap definition from IRM 11.4.1.3.1.2, Tax Gap Initiatives. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to revise the applicable IRM sections pertaining to manual refunds to require employees to verify the validity of the digital signatures on the manual refund request forms and the manual refund signature authorization forms.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that by March 2018, the Wage and Investment (W&I) organization will revise the applicable IRM manual refund sections to require that employees validate the digital signatures on the manual refund request forms and the manual refund signature authorization forms. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to revise system access rights in Human Resources (HR) Connect to prevent HR assistants within the Employment Operations office from approving and releasing pay-related personnel actions to the National Finance Center (NFC).

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation and considers it closed. IRS stated that in February 2017, the Human Capital Office (HCO) revised system access rights in HR Connect to prevent the Employment Operations Office HR assistants from approving and releasing pay-related personnel actions to the National Finance Center (NFC). We will assess IRS's actions during our fiscal year 2017 financial statement audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to revise the HR Connect HR User Profiles Desk Guide to clearly indicate that HR assistants within the Employment Operations office should not be granted access to approve and release pay-related personnel actions to NFC.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation and considers it closed. IRS stated that in February 2017, HCO revised the HR Connect HR User Profiles Desk Guide to clearly indicate that the Employment Operations Office HR assistants should not be granted access to approve and release pay-related personnel actions to NFC. We will assess IRS's actions during our fiscal year 2017 financial statement audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish and implement procedures to periodically review the process for determining the intragovernmental costs and costs with the public for each major program reported in the notes to the financial statements to provide reasonable assurance that these amounts are reliable and fairly presented.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that by February 2018, the CFO organization will establish and implement procedures to review periodically the process for determining intragovernmental and public costs for each major program reported in the notes to the financial statements, providing reasonable assurance that these amounts are reliable and presented fairly. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to provide clear guidelines as to what events constitute removal from IRS premises and the disposal date that should be recorded in its inventory system, either through an update of the IRM or other property and equipment-related desk guides.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS agreed with this recommendation. IRS stated that by December 2017, the AWSS organization will provide clear guidelines on events that constitute removal of trackable property and equipment assets from IRS premises, and the disposal date that should be recorded in its inventory system, either by updating the IRM or the property and equipment-related desk guides. We will follow-up during our audit of IRS's FY 2017 financial statements to determine the status of this recommendation.
    Director: J. Christopher Mihm
    Phone: (202) 512-6806

    1 open recommendations
    Recommendation: To promote transparency in the development and management of data standards for reporting federal spending, the Director of the Office of Management and Budget should ensure that the Data Standards Committee makes information about the topics of the committee's proceedings and any resulting outcomes available to the public.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Paula M. Rascona
    Phone: (202) 512-9816

    2 open recommendations
    including 2 priority recommendations
    Recommendation: The Director of OMB and the Secretary of the Treasury should establish mechanisms to assess the results of independent audits and reviews of agencies' compliance with the DATA Act requirements, including those of agency OIGs, to help inform full implementation of the act's requirements across government.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: Treasury stated it will establish mechanisms to assess the results of independent audits and reviews of agencies' compliance with the DATA Act requirements, including those of agency OIGs. Treasury also stated these mechanisms will inform Treasury's efforts on whether and how to tailor its future outreach efforts to help agencies meet their DATA Act requirements. We will continue to assess Treasury's efforts to address this recommendation as IGs plan to issue their required reports in November 2017.
    Recommendation: The Director of OMB and the Secretary of the Treasury should establish mechanisms to assess the results of independent audits and reviews of agencies' compliance with the DATA Act requirements, including those of agency OIGs, to help inform full implementation of the act's requirements across government.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB stated that it reviewed available IG readiness review reports in its assessment of agency implementation efforts, and it also relied on other, more up-to-date sources of information from agencies including data obtained from one-on-one meetings and agency self-assessments. We will continue to assess OMB's efforts to address this recommendation as IGs plan to issue their required reports in November 2017.
    Director: John Neumann
    Phone: (202) 512-3841

    8 open recommendations
    Recommendation: To help improve agencies' implementation of the fraud, waste, and abuse prevention requirements in the policy directives, the Administrator of SBA should confirm that each SBIR and STTR agency is implementing the minimum fraud, waste, and abuse prevention requirements in the policy directives, by, for example, requesting documentation from agencies.

    Agency: Small Business Administration
    Status: Open

    Comments: In its comments on the draft report, SBA concurred with this recommendation. In its June 2017 letter on plans for implementing the recommendation, SBA stated that it will request that each participating agency confirm their implementation of its minimum fraud, waste, and Abuse prevention requirements by forwarding an email to each agency requesting confirmation of their compliance. We will review SBA's actions to address this recommendation once those actions are complete.
    Recommendation: To help improve agencies' implementation of the fraud, waste, and abuse prevention requirements in the policy directives, the Administrator of SBA should request input from the participating agencies regarding the clarity of the requirements; review all of the SBIR and STTR minimum fraud, waste, and abuse prevention requirements, including the agency requirement to post information about successful SBIR or STTR fraud prosecutions; determine whether any additional guidance is needed; and revise the policy directives accordingly.

    Agency: Small Business Administration
    Status: Open

    Comments: In its comments on the draft report, SBA concurred with this recommendation. In its June 2017 letter on plans for implementing the recommendation, SBA stated that it plans to discuss the issue with program managers at an upcoming meeting and will also contact all agencies in writing to inquire if additional clarity is needed regarding any of the FWA requirements. SBA said that additional guidance will be provided, if necessary. We will review SBA's actions to address this recommendation once those actions are complete.
    Recommendation: To help improve agencies' implementation of the fraud, waste, and abuse prevention requirements in the policy directives, the Administrator of SBA should revise the fraud, waste, and abuse provisions in the policy directives to reflect the definition of essentially equivalent work used elsewhere in the policy directives and require participating agencies to check for essentially equivalent work that they fund as well as such work funded by other agencies.

    Agency: Small Business Administration
    Status: Open

    Comments: In its comments on the draft report, SBA concurred with this recommendation. In its June 2017 letter on plans for implementing the recommendation, SBA stated that it will revise the SBIR and STTR Policy Directives to reflect the definition of essentially equivalent work as noted in section 3 of the policy directives. SBA also stated that it will work with all parties to determine how to best address the issue of duplication, noting that this is an important issue and a high priority for all parties involved. We will review SBA's actions to address this recommendation once those actions are complete.
    Recommendation: To help improve agencies' implementation of the fraud, waste, and abuse prevention requirements in the policy directives, the Administrator of SBA should evaluate SBIR and STTR agencies' fraud, waste, and abuse outcomes to ensure the fraud, waste, and abuse prevention requirements are appropriate and meet their intended purpose for the SBIR and STTR programs.

    Agency: Small Business Administration
    Status: Open

    Comments: In its comments on the draft report, SBA concurred with this recommendation. In its June 2017 letter on plans for implementing the recommendation, SBA stated that it will survey the participating agencies regarding whether the requirements are necessary and meeting their intended purposes, are placing undue burdens on the agencies, or need to be revised, updated, or eliminated. We will review SBA's actions to address this recommendation once those actions are complete.
    Recommendation: To help improve the implementation of the fraud, waste, and abuse prevention requirements, the Secretary of Health and Human Services (HHS) should direct the HHS SBIR and STTR program offices to collect copies of the self-certification forms from its SBIR and STTR awardees.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: In its comments on a draft of the report, HHS did not concur with our recommendation. In its June 2017 letter on plans for implementing the recommendation, HHS stated that the National Institutes of Health will collect life cycle certifications from SBIR and STTR program recipients through its electronic reporting system, which will allow other HHS components that use that system to also collect the forms. The National Institutes of Health plans to begin collecting the life cycle certification forms in fiscal year 2018. We will review the actions to address this recommendation once they are complete.
    Recommendation: To help ensure that DOD is implementing the fraud, waste, and abuse prevention requirements to the OIGs, the Inspectors General of the Army, Navy, and Air Force should implement the requirements themselves or delegate the implementation of the requirements to the investigative services.

    Agency: Department of Defense: Department of the Air Force: Office of the Inspector General
    Status: Open

    Comments: DOD concurred with the recommendation in its comments on the draft report and confirmed its concurrence in its May 2017 letter on the final report.
    Recommendation: To help ensure that DOD is implementing the fraud, waste, and abuse prevention requirements to the OIGs, the Inspectors General of the Army, Navy, and Air Force should implement the requirements themselves or delegate the implementation of the requirements to the investigative services.

    Agency: Department of Defense: Department of the Navy: Naval Inspector General
    Status: Open

    Comments: DOD concurred with the recommendation in its comments on the draft report and confirmed its concurrence in its May 2017 letter on the final report.
    Recommendation: To help ensure that DOD is implementing the fraud, waste, and abuse prevention requirements to the OIGs, the Inspectors General of the Army, Navy, and Air Force should implement the requirements themselves or delegate the implementation of the requirements to the investigative services.

    Agency: Department of Defense: Department of the Army: Office of the Inspector General
    Status: Open

    Comments: DOD concurred with the recommendation in its comments on the draft report and confirmed its concurrence in its May 2017 letter on the final report.
    Director: David C. Trimble
    Phone: (202) 512-3841

    6 open recommendations
    Recommendation: To allow DOE management to effectively monitor invoice reviews and have assurance that this control activity is operating as intended, the Secretary of Energy should establish a DOE-wide invoice review policy that includes requirements for sites to establish well-documented invoice review operating procedures.

    Agency: Department of Energy
    Status: Open

    Comments: DOE stated that it already has an established, detailed DOE-wide invoice review policy provided in DOE's Financial Management Handbook and in the DOE Acquisition Guide, and that they are updating the Financial Management Handbook to include additional procedures to address intra-governmental payment and collection transactions that they believe will allow the recommendation to be closed by September 30, 2017. However, DOE officials with the office of the CFO at DOE headquarters previously told us that they do not have department-wide invoice review policies and procedures, and that CFOs and contracting officials in DOE field offices are responsible to develop their own invoice review policies and procedures. In addition, we reviewed the Financial Management Handbook and the Acquisition Guide and found that these documents do not contain the detail necessary to serve as an invoice review policy. We will continue to review DOE's implementation of this recommendation to determine whether its actions meet the intent of the recommendation.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including creating a structure with a dedicated entity within DOE to design and oversee fraud risk management activities.

    Agency: Department of Energy
    Status: Open

    Comments: DOE considers this recommendation to be closed without corrective action. Instead of establishing a dedicated entity within DOE to design and oversee fraud risk management activities, DOE will rely on the existing Office of Financial Policy and Internal Controls and on the DOE Office of Inspector General (OIG)to design and oversee financial fraud risk management activities. We disagree that reliance on these offices meets best practices because neither office is solely dedicated to designing or overseeing fraud risk management activities. Furthermore, according the best practices in GAO's Fraud Risk Framework, the dedicated entity should not be the OIG.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including conducting fraud risk assessments that are tailored to each program and use the assessments to develop a fraud risk profile

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the substance of the recommendation; however they consider the recommendation to be closed without corrective action because its risk assessments meet the requirements of the Improper Payments Elimination and Recovery Improvement Act of 2012, as reported by the Office of Inspector General (OIG), and because it has implemented updates to OMB Circular A-123 that added requirements related to managing fraud risk and adherence to GAO's Fraud Risk Framework. However, we found that DOE has not conducted fraud risk assessments that are tailored to its programs and therefore do not allow the department to create a fraud risk profile. We also found that, although DOE updated its internal control assessment tools with a list of fraud risks as required by OMB Circular A-123, the list of risks were the same for all DOE sites and were not tailored to the sites' different programs.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including developing and documenting an antifraud strategy that describes the programs' approaches for addressing the prioritized fraud risks identified during the fraud risk assessment.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with this recommendation but considers the recommendation closed without corrective action because DOE has implemented the updated OMB Circular A-123 and because DOE's anti-fraud strategy is imbedded in the DOE internal control program. However, DOE officials told us that they have not developed or documented a DOE-wide antifraud strategy or directed individual programs to develop program-specific strategies. Furthermore, DOE's implementation of OMB Circular A-123 included adding a list of potential risks to their internal control assessment tool that were the same for all DOE sites and were not tailored to the sites' different programs.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including designing and implementing specific control activities, including fraud awareness training and data analytics, to prevent and detect fraud and other improper payments.

    Agency: Department of Energy
    Status: Open

    Comments: DOE believes that they are either implementing or have already implemented this recommendation and considers the recommendation closed without additional action. Specifically, DOE stated that the Office of Inspector General (OIG) already provides fraud awareness training and that the OIG provided expanded fraud risk training on June 12, 2017 through a CFO-hosted webinar. However, of the 10 field offices responsible for overseeing contractor costs, none required employees responsible for overseeing contractor costs to attend fraud awareness training.
    Recommendation: To help ensure that necessary data are available to employ data analytics as a tool to perform contractor cost-surveillance activities, the Secretary of Energy should require contractors to maintain sufficiently detailed transaction-level cost data that are reconcilable with amounts charged to the government, including (1) cost data that, at a minimum, represent a full data population and (2) the details necessary to determine the nature of each cost transaction, with such identifiers as transaction date, dollar amount, item or service description, and transaction codes to indicate the type of cost represented (e.g., construction materials, property lease, and office supplies).

    Agency: Department of Energy
    Status: Open

    Comments: DOE did not agree to implement this recommendation because they believe that the recommendation establishes agency-specific requirements for DOE contractors that are more prescriptive than current federal requirements. DOE states that they plan to evaluate the merits of government-wide guidance for applying data-analytics to contract costs only if an OMB working group--established as a requirement of the Fraud Reduction and Data Analytics Act of 2015 to promote interagency coordination on fraud reduction and data analytics--requires them to do so. However, the purpose of the working group is to share fraud management best practices. It is not an implementing body and agencies do not need its permission before proceeding with fraud risk reduction efforts.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    20 open recommendations
    including 12 priority recommendations
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Food, Nutrition, and Consumer Services to design policies and procedures to reasonably assure that all award recipients required to submit single audit reports do so in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Food, Nutrition, and Consumer Services did not comment on the recommendation directed to it. GAO believes the recommendation is valid as discussed in our report. In addition, Agriculture has not provided the 60 day letter in response to our recommendations. On July 27, 2017, the agency informed us that the delay is due to their response still needing to clear several approving offices. We have received no further status updates from Agriculture as to when we can expect to receive its 60 day letter. 31 U.S.C. 720 requires that the agency head submit a written statement of the actions taken by the agency on GAO's recommendations to selected congressional committees and GAO not later than 60 days after the date of our report.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Food, Nutrition, and Consumer Services to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Food, Nutrition, and Consumer Services did not comment on the recommendation directed to it. GAO believes the recommendation is valid as discussed in our report. In addition, Agriculture has not provided the 60 day letter in response to our recommendations. On July 27, 2017, the agency informed us that the delay is due to their response still needing to clear several approving offices. We have received no further status updates from Agriculture as to when we can expect to receive its 60 day letter. 31 U.S.C. 720 requires that the agency head submit a written statement of the actions taken by the agency on GAO's recommendations to selected congressional committees and GAO not later than 60 days after the date of our report.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Food, Nutrition, and Consumer Services to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Food, Nutrition, and Consumer Services did not comment on the recommendation directed to it. GAO believes the recommendation is valid as discussed in our report. In addition, Agriculture has not provided the 60 day letter in response to our recommendations. On July 27, 2017, the agency informed us that the delay is due to their response still needing to clear several approving offices. We have received no further status updates from Agriculture as to when we can expect to receive its 60 day letter. 31 U.S.C. 720 requires that the agency head submit a written statement of the actions taken by the agency on GAO's recommendations to selected congressional committees and GAO not later than 60 days after the date of our report.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Rural Development to design policies and procedures to reasonably assure that all award recipients required to submit single audit reports do so in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Rural Development (RD) concurred with this recommendation. An RD official stated that it will work with Agriculture's Office of the Chief Financial Officer and the program areas to develop policies and procedures to ensure that its award recipients are in compliance with Office of Management and Budget (OMB) guidance. RD stated that it will meet with each program area and discuss how single audits are processed and resolved. RD plans to develop policies and procedures for identifying all award recipients that should file single audit reports; determining if all required single audit reports are filed, received, and processed each year; and assuring that transmittal letters and management decisions contain the required elements and are issued timely in accordance with current OMB guidance. RD also stated that it will develop new policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach. We will assess these efforts once completed.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Rural Development to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Rural Development (RD) concurred with this recommendation. An RD official stated that it will work with Agriculture's Office of the Chief Financial Officer and the program areas to develop policies and procedures to ensure that its award recipients are in compliance with Office of Management and Budget (OMB) guidance. RD stated that it will meet with each program area and discuss how single audits are processed and resolved. RD plans to develop policies and procedures for identifying all award recipients that should file single audit reports; determining if all required single audit reports are filed, received, and processed each year; and assuring that transmittal letters and management decisions contain the required elements and are issued timely in accordance with current OMB guidance. RD also stated that it will develop new policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach. We will assess these efforts once completed.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Rural Development to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Rural Development (RD) concurred with this recommendation. An RD official stated that it will work with Agriculture's Office of Chief Financial Officer and the program areas to develop policies and procedures to ensure that its award recipients are in compliance with Office of Management and Budget (OMB) guidance. RD stated that it will meet with each program area and discuss how single audits are processed and resolved. RD plans to develop policies and procedures for identifying all award recipients that should file single audit reports; determining if all required single audit reports are filed, received, and processed each year; and assuring that transmittal letters and management decisions contain the required elements and are issued timely in accordance with current OMB guidance. RD also stated that it will develop new policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Assistant Secretary for Financial Resources to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to the Assistant Secretary for Financial Resources (ASFR). HHS stated that it will enhance the Grants Policy Administration Manual (issued on December 31, 2015) to provide additional details regarding the elements to be included in the management decisions letters. ASFR stated that it will use its established Single Audit Resolution Workgroup, comprised of representatives from the HHS agencies who are responsible for single audit resolution activities, to continually evaluate and strengthen its relevant policies and procedures. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Assistant Secretary for Financial Resources to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendations to the Assistant Secretary for Financial Resources (ASFR). HHS stated that it is committed to ensuring that grantees submit single audits in a timely and complete manner and that its subagencies utilize the findings to ensure proper management of its grantees. HHS stated that ASFR is taking over the single audit assignment and tracking function from the OIG and that this realignment will allow HHS to better meet the requirements of the Uniform Guidance. HHS stated that it would continue to evaluate its policies and procedures to ensure compliance with regulations, particularly as ASFR takes over the single audit findings assignment and tracking function from the OIG. In addition, HHS stated that ASFR will work to develop policies and procedures that utilize a risk-based approach for high-risk and recurring single audit findings. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to revise its policies and procedures to take action to obtain single audit reports when award recipients did not submit reports within the required time frames.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to the Centers for Medicare and Medicaid Services (CMS). HHS stated that CMS has developed a Standard Operating Procedure (SOP) based on the Grants Policy Administration Manual (GPAM) issued December 31, 2015. The SOP is currently under review and will be implemented after approval and signature by CMS leadership. The SOP includes provisions for following up with entities that have delinquent audits. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to revise its policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to the Centers for Medicare and Medicaid Services (CMS). HHS stated that it has developed a Standard Operating Procedure (SOP) based on the Grants Policy Administration Manual (GPAM) issued on December 31, 2015, and the draft Management Decision Letter (MDL) HHS guidelines document. In April 2017, HHS informed us that the SOP is under review and will be implemented after approval and signature by CMS leadership. The SOP includes management decision letter elements and the timely issuance of MDLs. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to CMS. HHS stated that CMS plans to update the 1982 Health Care Financing Administration Audit Resolution Manual and will work collaboratively with HHS to develop policies and procedures that utilize a risk-based approach for high-risk and recurring single audit findings. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Community Planning and Development to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Housing and Urban Development
    Status: Open
    Priority recommendation

    Comments: The Department of Housing and Urban Development's (HUD) Office of Community Planning and Development (CPD) disagreed with this recommendation, but we maintain that revisions to CPD's policies and procedures are warranted to help CPD comply with the Office of Management and Budget (OMB) guidance. CPD officials stated that it provided training on writing management decisions to all CPD field offices in March 2017 and plans to issue a reminder memorandum on management decisions to field offices. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Community Planning and Development to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In April 2017, the Department of Housing and Urban Development's (HUD) Office of Community Planning and Development (CPD) stated that it planned to produce appropriate policies and procedures for risk rating single audit findings by the end of fiscal year 2017. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Public and Indian Housing to revise policies to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Housing and Urban Development
    Status: Open
    Priority recommendation

    Comments: The Department of Housing and Urban Development's (HUD) Office of Public and Indian Housing developed policies and procedures and conducted training for field offices relating to management decisions. We reviewed these policies and procedures and noted that they did not contain all of the required elements in accordance with the Office of Management and Budget guidance relating to management decisions. HUD officials stated that they will review the policies and procures and revise, if needed, to address our concerns. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Public and Indian Housing to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: The Department of Housing and Urban Development's (HUD) Office of Public and Indian Housing met with GAO on July 10, 2017, to discuss the status of this recommendation. The HUD officials at this meeting said the current language in their Independent Public Accountant (IPA) auditing standards addresses the GAO recommendation. However, we explained to the HUD officials at the meeting that the current language is insufficient to close the recommendation as it does not show evidence that HUD has designed or implemented policies and procedures for how HUD is identifying and managing high-risks. The HUD officials stated that they will give this recommendation more consideration and revise the standards and provide GAO with additional support to show what HUD has done to address this recommendation. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Highway Administration to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Highway Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Highway Administration to design and implement policies and procedures for identifying and managing recurring single audit findings using a risk-based approach.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Highway Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Transit Administration to design policies and procedures to reasonably assure that all award recipients required to submit single audit reports do so in accordance with OMB guidance.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Transit Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Transit Administration to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The Department of Transportation (DOT) agreed with our recommendations. DOT stated that it will, no later than December 31, 2017, instruct the Federal Transit Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Transit Administration to design and implement policies and procedures for identifying and managing recurring single audit findings using a risk-based approach.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Transit Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    8 open recommendations
    Recommendation: The Secretary of the Army should direct the Internal Review Directorate under the Assistant Secretary of the Army, Financial Management and Comptroller, to develop written policies and procedures for all financial management-related audit findings and recommendations under its purview that include the following: (1) how the status of the recommendations will be tracked; (2) the process and criteria to be followed for prioritizing the findings and recommendations; (3) the process for developing CAPs to remediate the findings and recommendations, including the detailed CAP elements recommended by the Implementation Guide for OMB Circular A-123; and (4) the process for monitoring the status and progress of the CAPs, including the documentation to be maintained for monitoring CAP status and any actions to be taken if a lack of progress is found.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: The Army concurred with this recommendation. The Army stated that the Internal Review Directorate has completed updating its written standard operating procedures to include monitoring financial management-related external audit findings and recommendations. The Army stated that this new guidance includes an explanation of how recommendations will be tracked; how findings and recommendations will be prioritized; how status and progress of corrective action plans (CAPs) will be developed; and how the status and progress of CAPs will be monitored.
    Recommendation: The Secretary of the Army should direct the Accountability and Audit Readiness Directorate under the Assistant Secretary of the Army, Financial Management and Comptroller, to enhance the directorate's policies and procedures for (1) tracking and prioritizing all financial management-related audit findings and recommendations under its purview and (2) developing and monitoring CAPs for all such recommendations so that they include sufficient details, such as the criteria used to prioritize the CAPs, the recommended CAP elements, and the process for monitoring and documenting the progress and status of CAPs.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: The Army concurred with this recommendation. The Army stated that the Accountability and Audit Readiness Directorate has completed actions to enhance its current standard operating procedures to include (1) updating its corrective action plan (CAP) database and reporting tool, (2) documenting its reporting procedures, and (3) updating its CAP template to include additional elements recommended by the Implementation Guide for OMB Circular A-123. In addition, the Army stated that its policies and procedures include steps to incorporate external financial management-related audit findings assigned to the Accountability and Audit Readiness Directorate by the Internal Review Directorate and that the existing process the Army uses to prioritize findings and the related CAPs and to monitor the progress and status of CAPs has been documented.
    Recommendation: The Secretary of the Navy should, when finalizing the Navy's policies and procedures for identifying and tracking its CAPs to remediate financial management-related audit findings and recommendations, enhance this guidance so it includes detailed steps and specific procedures for confirming and validating the completeness and accuracy of the status of these audit findings and recommendations.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation. The Navy stated that it is (1) recording new findings and recommendations on a weekly basis in its deficiency database, (2) reviewing historical audits to ensure that previous findings and recommendations are recorded, and (3) collaborating with audit agencies to establish a process to reconcile the status of recommendations to ensure that its deficiency database accurately reports open and closed recommendations. The Navy also stated that these processes would be documented and implemented by January 31, 2017.
    Recommendation: The Secretary of the Air Force should design and document a comprehensive process to ensure that the complete universe of all financial management-related findings and recommendations from all audit sources is identified and tracked.

    Agency: Department of Defense: Department of the Air Force
    Status: Open

    Comments: The Air Force concurred with this recommendation. The Air Force stated that it will revise its existing process for identifying and tracking all financial management-related findings and recommendations from all audit sources. The Air Force stated that the process will include the procedures for summarizing the status of findings on a bi-monthly basis and providing a summary for the FIAR Governance Board meetings. The Air Force stated that it plans to implement this recommendation by January 31, 2018.
    Recommendation: The Secretary of the Air Force should update the Air Force's written policies and procedures for prioritizing financial management-related audit findings and recommendations from all audit sources and for developing and monitoring CAPs so that they include sufficient details. These procedures should include the following details: (1) The process to be followed for prioritizing the financial management-related findings and recommendations from audit sources. (2) The guidance for developing CAPs for all financial management-related audit findings and recommendations from all audit sources to include complete details, including the elements recommended by the Implementation Guide for OMB Circular A-123. (3) The process for monitoring the status of the CAPs for all financial management-related audit findings and recommendations from all audit sources, including the documentation to support any corrective actions taken, as recommended by the Implementation Guide for OMB Circular A-123.

    Agency: Department of Defense: Department of the Air Force
    Status: Open

    Comments: The Air Force concurred with this recommendation. The Air Force stated that it will revise its existing written policies and procedures for tracking and monitoring all financial management-related audit findings and recommendations. Specifically, the Air Force stated the these revised policies and procedures will (1) articulate prioritizing findings and recommendations; (2) provide guidance for developing detailed and actionable corrective action plans (CAPs), which address the condition and root cause of the findings and include elements recommended by OMB Circular A-123; and (3) provide clear guidance for monitoring the status and progress towards implementing and closing the CAPs. The Air Force plans to implement this recommendation by January 31, 2019.
    Recommendation: To improve DOD management's process for monitoring the military services' audit remediation efforts and to provide timely and useful information to stakeholders as needed, the Secretary of Defense should direct the Secretary of the Army, the Secretary of the Navy, and the Secretary of the Air Force to prepare and submit to the Under Secretary of Defense (Comptroller), on at least a bimonthly basis for availability at the FIAR Governance Board meetings, a summary of key information included in the CAPs that at a minimum contains the data elements recommended by the Implementation Guide for OMB Circular A-123 for each CAP related to critical capabilities for achieving audit readiness.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with this recommendation. DOD stated that it solicits input on a bi-monthly basis, on critical capability corrective action plans (CAPs) at a summary level. This information is provided routinely at regularly scheduled FIAR Governance Board meetings. DOD also stated that an updated notice of finding and recommendation (NFR) form template is being developed and will be provided to the military services to use for reporting this information so that it will include the recommended standard data elements outlined in OMB Circular A-123 to provide greater transparency into the nature of remediation plans. DOD also stated that FIAR Guidance will be updated to explicitly state that military services should include the OMB recommended standard data elements in CAPs.
    Recommendation: To reasonably assure that DOD management and external stakeholders have a comprehensive picture of the status of corrective actions needed for audit readiness throughout the department, the Secretary of Defense should direct the Under Secretary of Defense (Comptroller) to prepare a consolidated CAP management summary on a bimonthly basis that includes the data elements referred to above on the status of all CAPs related to critical capabilities for the military services and for the service providers and other defense organizations.

    Agency: Department of Defense
    Status: Open

    Comments: DOD partially concurred with this recommendation. According to DOD, the military services already provide summary-level updates on their critical capability corrective action plans (CAPs) at FIAR Governance Board meetings. It also stated that the template that is used to present CAPs to the FIAR Governance Board meetings at the summary level has been updated to align CAPs to critical capabilities. DOD still needs to address how all of the data elements from the Implementation Guide for OMB Circular A-123 will be summarized or otherwise reported for all CAPs pertaining to critical capabilities across the Department. In addition, DOD stated that because the DOD Comptroller takes responsibility for maintaining, monitoring, and reporting on the status of CAPs for the service providers and other defense organizations and of DOD-wide issues, the Comptroller will also summarize this information. However, DOD has not clarified what information from the military services will be summarized.
    Recommendation: To facilitate the development of a consolidated CAP management summary and the ability to efficiently respond to stakeholder requests, the Under Secretary of Defense (Comptroller) should develop and implement a centralized monitoring and reporting process that at a minimum (1) captures department-wide information on the military services' and other defense organizations' CAPs related to critical capabilities, including the standard data elements recommended in the Implementation Guide for OMB Circular A-123, and (2) maintains up-to-date information on the status of these CAPs.

    Agency: Department of Defense: Under Secretary of Defense (Comptroller)
    Status: Open

    Comments: DOD partially concurred with this recommendation. DOD stated that as outlined in the military services' responses to our recommendations directed to them, the Army, Navy, and Air Force have agreed to take the responsibility for developing, maintaining, and monitoring all CAPs at the level recommended by the Implementation Guide for OMB Circular A-123. Further, DOD stated that based on the Comptroller actively participating in monthly meetings with military services to gain an understanding of their CAPs and the information reported in bi-monthly FIAR Governance Board meetings, this provides the Department the ability to efficiently respond to stakeholder requests related to critical capabilities CAPs. However, DOD did not describe a centralized reporting process to ensure consistent standard data elements are provided in CAPs and that the information on the status of the CAPs is up to date.
    Director: Susan Irving
    Phone: (202) 512-6806

    6 open recommendations
    Recommendation: To ensure efficient use of resources and plan for realistic risks, the Secretary of Agriculture should direct APHIS to review and document its operating reserve targets including an analysis of individual program needs, risks, and probable contingencies, for Veterinary Services Import Export fees.

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To ensure efficient use of resources and plan for realistic risks, the Secretary of Agriculture should direct APHIS to review and document its operating reserve targets including an analysis of individual program needs, risks, and probable contingencies, for Veterinary Diagnostic fees.

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To ensure efficient use of resources and plan for realistic risks, the Secretary of Agriculture should direct APHIS to review and document its operating reserve targets including an analysis of individual program needs, risks, and probable contingencies, for Phytosanitary Export Certification fees.

    Agency: Department of Agriculture
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: Similarly, to ensure efficient use of resources and plan for realistic risks, the Director of CFPB should review and document its operating reserve targets for the Bureau Fund, including an analysis of program needs, risks, and probable contingencies.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To ensure that the reserve target SEC set for PCAOB safeguards against realistic risks and probable contingencies, including potential unforeseen funding delays, the SEC Chair, in exercising the commission's authority to oversee PCAOB, should analyze--and document the analysis of--program needs and probable contingencies, in consultation with PCAOB as appropriate.

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To ensure that timely information is available to facilitate congressional oversight, promote transparency, and foster public accountability, the SEC Chair, in exercising the commission's authority to oversee PCAOB, should establish a deadline for PCAOB's required annual report, including its audited financial statements.

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To provide increased oversight of AOC and to keep the Architect and the Congress fully and currently informed, the AOC OIG should revise and implement policies and procedures to provide audit reports that are based on planning that includes an assessment of risk and the assignment of priorities, consistent with requirements in CIGIE's Quality Standards for Federal Offices of Inspector General.

    Agency: Architect of the Capitol
    Status: Open

    Comments: The AOC OIG has met the intent of GAO recommendation related to "revising" policies and procedures. We have verified that AOC OIG's policies (dated February 2017) have been revised and now require an assessment of risk and the assignment of priorities, consistent with requirements in CIGIE's Quality Standards for Federal Offices of Inspector General. However, we do not believe AOC OIG has met the intent of GAO recommendation related to "implementing" policies and procedures. In June 2017, the AOC OIG informed us that it plans to complete a risk assessment in August 2017 and use the results from the risk assessment to aid in developing the AOC OIG fiscal year 2018 audit plan, which AOC OIG plans to complete by October 1, 2017. To fully implement the recommendation, we believe AOC OIG still needs to (1) complete the risk assessment and (2) show how it used the results of the risk assessment to improve the scope of what needs to be audited. We will continue to monitor AOC OIG's actions to address this recommendation.
    Recommendation: To reduce the risk that fraud, waste, and abuse and criminal activities are not detected or fully addressed, the AOC OIG should (1) work with CIGIE to obtain a peer review from another federal OIG of the AOC OIG's overall investigative operations, including consideration of the OIG's reliance on investigations performed by other entities, and (2) make any needed changes in its operating procedures based on the results of the review to help ensure that investigations of AOC are conducted in accordance with CIGIE standards for investigations and AOC Inspector General Act of 1978 (IG Act) requirements.

    Agency: Architect of the Capitol
    Status: Open

    Comments: On April 27, 2017, the OIG informed us that it has scheduled with CIGIE an external peer review of AOC investigative operations. The Federal Housing Finance Agency OIG is scheduled to perform this review in August 2017. This external review will also include assessing the AOC OIG's reliance on other OIGs and the U.S. Capitol Police to complete certain investigations. Further, AOC OIG indicated that after they receive the results of this peer review, they will make needed changes in operating procedures consistent with the GAO recommendation. We will continue to monitor AOC OIG's actions to address this recommendation.
    Director: J. Lawrence Malenich
    Phone: (202) 512-3406

    1 open recommendations
    Recommendation: CCI's Chief Financial Officer should update its existing Procurement and Accounts Payable Policy to fully document CCI's management approval controls over payments made by check, including exemptions to regular procedures. This should include approval procedures to be followed during periods when only one authorized manager is available to sign checks for payment.

    Agency: Capital Concerts, Inc.
    Status: Open

    Comments: We provided a draft of this report to Capital Concerts, Inc. (CCI) for comment. In its written comments, CCI stated that its Board of Directors will take appropriate action to address this recommendation.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    9 open recommendations
    including 4 priority recommendations
    Recommendation: To provide agencies access to SSA's more complete set of death data, Congress should consider amending the Social Security Act to explicitly allow SSA to share its full death file with Treasury for use through the DNP working system.

    Agency: Congress
    Status: Open

    Comments: When we confirm what actions have been taken we will update. As of August 3, 2017, no updated information has been provided.
    Recommendation: To reasonably assure that additional relevant databases are identified and evaluated for inclusion in the DNP working system, the Director of OMB should develop, document, and communicate a formal process that user agencies can use to identify, suggest, and receive feedback on additional databases to be evaluated for inclusion in the DNP working system.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB agreed with this recommendation and cited plans to implement it. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that the DNP working system is used effectively and consistently, the Director of OMB should develop guidance that clarifies whether the use of DNP's payment integration functionality is required and--if required--the circumstances and process in which agencies may obtain an exemption from this requirement.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB agreed with this recommendation and cited plans to implement it. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agencies use the DNP working system effectively, the Director of OMB should develop a strategy--and communicate its strategy through guidance--for how agencies should use the DNP working system to complement existing data matching processes and whether and how agencies should consider using the DNP working system to streamline existing data matching. Such guidance may cover how agencies should demonstrate that their data matching processes meet the requirements in the Improper Payments Elimination and Recovery Improvement Act of 2012, whether agencies can decide on their own which specific databases to use, and how agencies should use the functionalities available through the DNP working system.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it generally agreed with the concept of developing a strategy for how agencies should use the Do Not Pay (DNP) working system to complement existing data matching processes and would explore the concept further. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agencies develop consistent policies and procedures to verify DNP matches, the Director of OMB should provide additional guidance that outlines when and how agencies should verify DNP matches against a secondary source and provide individuals an opportunity to contest before taking adverse actions as a result of DNP matches.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with the of consistent policies and procedures and will work with agencies so that their policies and procedures for verifying Do Not Pay (DNP) matches are developed consistently. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To better monitor agency use of the DNP working system once a strategy has been developed, the Director of OMB should develop and implement monitoring mechanisms--such as goals, benchmarks, and performance measures--to evaluate agency use of the DNP working system.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with the concept of monitoring mechanisms and will continue to work with agencies to reduce improper payments and encourage agencies to establish goals to improve payment accuracy that will be monitored and evaluated by OMB. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agency-reported information on use of the DNP working system is reliable, the Director of OMB should develop a process for comparing agency reporting on the use of the DNP working system to available sources, such as OMB guidance and DNP working system adjudication reports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with the concept of ensuring that data are reliable and will consider the feasibility of a process to compare agency submissions to available sources to reasonably assure that agency-reported information on use of the Do Not Pay (DNP) working system is reliable. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: To reasonably assure that agency-reported information on use of the DNP working system is complete, the Director of OMB should revise its guidance to clarify whether agencies should report on their uses of all of the functionalities of the DNP working system in their agency financial reports.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: We provided a draft of this report to OMB and Treasury and other agencies we reviewed for comment. In its written comments, OMB stated that it agreed with ensuring the completeness of data and will continue to work with agencies and the Chief Financial Officer community to ensure that agency-reported information on the use of the Do Not Pay (DNP) working system is complete. As of August 3, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Recommendation: The Secretary of the Treasury should modify the DNP working system to track adjudication of matches obtained through all functionalities.

    Agency: Department of the Treasury
    Status: Open

    Comments: In a memo dated April 13, 2017, the Department of Treasury (Treasury) stated that it is in the process of evaluating potential solutions to capture information on the impact of Portal functionalities (online single search, continuous monitoring, and batch matching), and has developed a plan with timeframes to assess the technical feasibility as well as user willingness to provide information. However, Treasury stated that it cannot be certain that this evaluation will identify viable solutions, and therefore cannot commit to making any modifications to the working system. Treasury explained, for instance, it may not be possible to design an effective and user-friendly strategy to capture agency decisions to remove an excluded party identified in a continuous monitoring file from a list of approved vendors. Further, Treasury explained that even if it can capture those decisions, it may be even more difficult to assign a dollar value to that decision as there would be no payment pending in this example. Nevertheless, Treasury stated that it is committed to thoroughly evaluating whether a solution is possible, and--if a solution proves feasibly--its goal is to complete a development plan for the implementation of any identified solutions by September 30, 2018.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    11 open recommendations
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of CAS should develop a standardized checklist and document procedures in its internal guidance instructing negotiators to use the checklist during negotiation.

    Agency: Department of Health and Human Services: Division of Cost Allocation
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that its Cost Allocation Services (CAS) will update and complete standardized checklists and that staff will be instructed to use these checklists by December 31, 2016. We are currently reviewing support received from HHS to determine if we can close the recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of CAS should develop detailed internal guidance for the completion and documentation of supervisory review of the indirect cost rate negotiation process to provide reasonable assurance that key control activities have been performed by the negotiators.

    Agency: Department of Health and Human Services: Division of Cost Allocation
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that by December 31, 2016, its Cost Allocation Services (CAS) will establish a document outlining standardized review procedures for supervisory review of workpapers and rate agreements. We are currently reviewing support received from HHS to determine if we can close the recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of CAS should develop internal guidance for negotiating indirect cost rates with all types of research organizations, including hospitals, as well as universities using the simplified method.

    Agency: Department of Health and Human Services: Division of Cost Allocation
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that its Cost Allocation Services (CAS) will update internal guidance for negotiating indirect cost rates with universities using the simplified method by December 31, 2016. This guidance will include an example under the two types of direct cost bases, a salary and wage base and a modified total direct cost base. CAS will develop internal guidance for negotiating with hospitals as soon as possible. We are currently reviewing support received from HHS to determine if we can close the recommendation.
    Recommendation: As NIH-DFAS begins formalizing its internal guidance, the Director of NIH-DFAS should update internal guidance to include key characteristics, such as policy number, purpose of the policy, effective date, and approving official, that are normally included in formal policy and procedures.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health: Office of Management: Office of Acquisition and Logistics Management: Office of Acquisition Management and Policy: Division of Financial Advisory Services
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that by December 31, 2016, National Institute of Health's Division of Financial Advisory Services (DFAS) will update internal guidance to include key characteristics that are normally included in formal policy and procedures. NIH-DFAS has finalized three of the five polices, which are effective as of July 1, 2017. The remaining two policies will be finalized by August 31st, 2017. We will continue to monitor the status of this recommendation.
    Recommendation: As NIH-DFAS begins formalizing its internal guidance, the Director of NIH-DFAS should develop detailed procedures for the completion and documentation of supervisory review of the indirect cost rate negotiation process to provide reasonable assurance that key control activities have been performed by the negotiator.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health: Office of Management: Office of Acquisition and Logistics Management: Office of Acquisition Management and Policy: Division of Financial Advisory Services
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that the National Institute of Health's Division of Financial Advisory Services (DFAS), will develop detailed procedures for the completion and documentation of supervisory review of the indirect cost rate negotiations process. NIH-DFAS has developed draft internal guidance to address the supervisory review of the indirect cost negotiation process. NIH-DFAS plans to finalize these procedures by August 31, 2017. We will continue to monitor the status of this recommendation.
    Recommendation: As NIH-DFAS begins formalizing its internal guidance, the Director of NIH-DFAS should establish a mechanism for tracking key milestones in the indirect cost rate-setting process, such as when indirect cost rate proposals are due.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health: Office of Management: Office of Acquisition and Logistics Management: Office of Acquisition Management and Policy: Division of Financial Advisory Services
    Status: Open

    Comments: HHS concurred with this recommendations. In response, HHS stated that National Institute of Health's Division of Financial Advisory Services (DFAS) will establish a mechanism for tracking key milestones in the indirect cost rate-setting process. NIH-DFAS has initiatives underway that include moving from paper to electronic submissions of indirect cost proposals and developing a replacement to its Commercial Rate Agreement Distribution Services website. DFAS is looking into the feasibility of incorporating key milestones into these two major initiatives. NIH-DFAS is currently working with a contractor to develop a web based system that will establish a tracking system to account for when indirect cost proposal are due from organizations. The original initiative to enable the electronic submission of indirect cost proposals was modified to incorporate this new requirement. NIH-DFAS anticipates the planned date for implementation of this system to be October 1, 2017. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should implement the May 2014 policy requiring an annual review of guidance so that internal guidance is updated when changes are made to applicable regulations and procedures to reasonably assure that the guidance reflects current requirements.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research (ONR) will comply with its requirement for an annual review of its internal policy on negotiating indirect costs. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should include in its internal guidance acceptable Defense Contract Audit Agency (DCAA) audit completion time frames and identify supplemental procedures to be performed by negotiators if DCAA cannot perform its audits timely or if DCAA issues a qualified opinion or rescinds one of its previously issued audit opinions, to reasonably assure that the indirect cost rate proposal has been adequately reviewed and the negotiated rate complies with applicable regulations.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research's (ONR) internal guidance will be updated to provide more realistic audit report due dates and will include general procedures to be performed by negotiators in the case of untimely audits, qualified opinions, or rescinded opinions. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should develop detailed procedures for the completion and documentation of supervisory review of the indirect cost rate negotiation process to provide reasonable assurance that required certifications and assurances are obtained and follow-up with the research organization is documented.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD partially concurred with this recommendation. DOD did not agree that the Office of Naval Research (ONR) lacks procedures to ensure supervisors confirm that negotiators adequately performed and documented key controls. DOD noted that both the primary and secondary supervisors are required to review and approve the Business Clearance Memorandum, which records steps performed by the negotiator. While we agree that the Business Clearance Memorandum documents steps performed by the negotiator, these steps are documented at a high level and do not include detailed procedures for supervisors to follow to reasonably assure that the negotiator has performed and documented all key control activities, such as obtaining all required certifications and assurances. DOD agreed in its response that ONR's Business Clearance Memorandum can be improved and stated that ONR will update it to require the negotiator to cross-reference the review steps to the proposal to facilitate the supervisor's review process. However, it is not clear whether the planned Business Clearance Memorandum revisions will include providing detailed procedures for supervisory review as we recommended. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should finalize and issue internal guidance for negotiating indirect cost rates with universities and nonprofit organizations, including establishing a time frame for issuance of the internal guidance, to help ensure that the procedures are implemented in a timely manner.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research (ONR) is currently updating its internal guidance and currently plans to issue this guidance by December 31, 2016. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should update ONR's existing process for tracking key milestones in the indirect cost rate-setting process to include information such as when indirect cost rate proposals are overdue and when DCAA's audit reports are due.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research will update its existing processes for tracking key milestones to include information such as due dates for rate proposals and DCAA audit reports. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    7 open recommendations
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prepare a level I quantitative drilldown in accordance with the FIAR Guidance.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to prepare a quantitative drilldown. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prioritize audit readiness efforts for the key FBWT systems, prepare an audit strategy that identifies for each system (1) the Navy's plan for assessing the system to gain assurance that the system can be relied on; (2) the assessment types, including prioritizing the assessments based on qualitative and quantitative factors for each system; and (3) planned start and completion dates of these assessments for each system.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to prioritize audit readiness efforts for key FBWT systems. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prepare, in accordance with FIAR Guidance, the documentation of control activities and information technology general computer controls for significant systems; system certifications or accreditations; system, end user, and systems documentation locations; and hardware, software, and interfaces.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to document control activities, information technology general computer controls for significant systems, systems documentation locations, and hardware, software, and interfaces. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prepare an internal control assessment document for each assessable unit, summarizing control activities that are appropriately designed and in place.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to prepare an internal control assessment document. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to perform sufficient testing for supporting documentation to reasonably determine whether such documentation, including that for key reconciliations, is available in a sustainable manner for future audit efforts.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to test the effectiveness of Fund Balance with Treasury controls, which includes assessing the availability of supporting documentation. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to, for each fiscal year expected to be under audit, identify and address unusual and invalid transactions, abnormal balances, and missing data fields in the universe of collection and disbursement transactions.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to obtain monthly data from Defense Finance and Accounting Service on invalid Fund Balance with Treasury transactions. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to update FBWT data flowcharts and narratives to fully describe the flow of data from the Navy's receipt of collection and disbursement transaction information through the financial statement line items, including the reversal of general ledger trial balance data generated by the automated system and other entries made within Defense Departmental Reporting System - Budgetary.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendations and stated that it has actions planned, taken, or under way to develop procedures and documentation that describe the processes associated with the flow of data. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Director: Paula M. Rascona
    Phone: (202) 512-9816

    3 open recommendations
    including 3 priority recommendations
    Recommendation: To help ensure effective government-wide implementation and that complete and consistent spending data will be reported as required by the DATA Act, the Director of OMB, in collaboration with the Secretary of the Treasury, should establish or leverage existing processes and controls to determine the complete population of agencies that are required to report spending data under the DATA Act and make the results of those determinations publicly available.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB stated that each agency is responsible for determining whether it is subject to the DATA Act. To help agencies make that determination, OMB published guidance in the form of frequently asked questions and stated that the agencies may consult with OMB for additional counsel. In response to our recommendation, OMB staff told us they have reached out to federal agencies to identify which agencies have determined that they are exempt from reporting under the DATA Act and prepared a list of such agencies. However, OMB has not provided us the list or the procedures for reviewing agency determinations and compiling the results. In addition, OMB has not established procedures for ensuring non-exempt agencies are reporting spending data as required. Finally, OMB has not stated whether it will make the results of the determinations publicly available. Further, additional clarification would improve the usefulness of the frequently asked questions. For example, they state "Any Federal agency submitting data that OMB posts on its SF 133 Report on Budget Execution and Budgetary Resources is required to comply with DATA Act reporting." However, the SF 133 Report for the third quarter of 2016 includes entities such as the Postal Service which are not required by the DATA Act to report financial and payment information. In explaining the frequently asked questions to us, OMB officials clarified that they meant that an entity is required to report if its data appears on the SF 133 and it meets the applicable statutory definition of agency. The frequently asked questions document does not clearly communicate this two-prong approach. Additionally, OMB's verbal clarification when meeting with us does not account for those entities that meet the statutory definition of agency and are required by the DATA Act to report financial and payment information but do not appear on the SF 133. We will continue to assess OMB's efforts to address this recommendation.
    Recommendation: To help ensure effective government-wide implementation and that complete and consistent spending data will be reported as required by the DATA Act, the Director of OMB, in collaboration with the Secretary of the Treasury, should reassess, on a periodic basis, which agencies are required to report spending data under the DATA Act and make appropriate notifications to affected agencies.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: OMB does not have plans to reassess, on a periodic basis, which agencies are required to report spending data under the DATA Act. We continue to believe action on this recommendation is important to effectively implement the DATA Act. We will continue to assess OMB's efforts to address this recommendation.
    Recommendation: To help ensure effective implementation of the DATA Act by the agencies and facilitate the further establishment of overall government-wide governance, the Director of OMB, in collaboration with the Secretary of the Treasury, should request that non-CFO Act agencies required to report federal spending data under the DATA Act submit updated implementation plans, including updated timelines and milestones, cost estimates, and risks, to address new technical requirements.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: On June 15, 2016, OMB directed CFO Act agencies to update key components of their implementation plans by August 12, 2016. The requirement did not extend to non-CFO Act agencies. OMB stated that it is monitoring non-CFO Act agencies by providing feedback to non-CFO Act agencies through workshops instead of requesting updated implementation plan information. According to OMB officials, OMB has not followed-up with non-CFO Act agencies or requested updated implementation plan information because they are working with the CFO Act agencies which comprise approximately 90 percent of federal spending. In addition to these outreach efforts, OMB has worked with Treasury to engage with small and independent agencies through weekly phone calls and other forms of communication. However, the DATA Act applies to most federal agencies, and we believe that it is important to monitor smaller agencies' implementation plans as well as large agencies. We will continue to assess OMB's efforts to address this recommendation.
    Director: Valerie Melvin
    Phone: (202) 512-6304

    4 open recommendations
    Recommendation: To address weaknesses in the department's financial management systems modernization efforts, the Secretary of HUD should direct the Chief Financial Officer to work with the Chief Information Officer in managing subsequent initiatives to define a high-level depiction of the IT systems anticipated in the future state, a description of the operations that must be performed and who must perform them, and an explanation of where and how the operations are to be carried out.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In May 2017, HUD's Deputy Chief Information Officer reported that that the office was managing multiple enterprise-level initiatives no longer classified as financial management modernization efforts, but which are intended to address certain previously reported financial systems modernization needs. The department provided early high-level requirements and a solution architecture for one such initiative, including a future requirement to support data required for HUD's financial reporting needs from Treasury. However, HUD does not yet have a plan to develop a high-level concept of operations for IT systems anticipated in the future state. We intend to follow up on HUD's actions.
    Recommendation: To address weaknesses in the department's financial management systems modernization efforts, the Secretary of HUD should direct the Chief Financial Officer to work with the Chief Information Officer in managing subsequent initiatives to develop comprehensive plans for scope, schedule and cost.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In May 2017, the department provided an early project oversight plan and critical task schedule for one initiative related to enterprise data management, but these plans are not comprehensive and do not include, among other things, detailed cost estimates. We intend to follow up on HUD's actions.
    Recommendation: To address weaknesses in the department's financial management systems modernization efforts, the Secretary of HUD should direct the Chief Financial Officer to work with the Chief Information Officer in managing subsequent initiatives to ensure requirements are fully documented and traceable.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In March 2017, the department reported that the Chief Financial Officer and the Chief Information Officer intend to partner on future departmental financial management systems modernization efforts to fully document requirements and trace requirements to the functionality in the modernized system. In May 2017, department officials reported that the subsequent initiatives underway were following an Agile process yielding product-release backlogs as documentation of requirements for ongoing initiatives. They provided the initial backlog for an enterprise data management initiative. However, HUD could not demonstrate that these requirements were complete and traceable to mission needs. We intend to follow up on HUD's actions.
    Recommendation: The Secretary of HUD should also direct the Deputy Secretary to ensure that the Chief Information Officer takes action to improve IT governance control activities used for monitoring programs and identifying needed corrective actions, and strengthen investment oversight by improving coordination with stakeholders and alignment among IT modernization efforts.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In its comments on our draft report, HUD neither agreed nor disagreed with our recommendations, but noted that it planned to improve management practices and IT governance for future modernization efforts. In March 2017, the department reported on its fiscal year 2016 updates to charters of its IT governance boards, which provide oversight of all its IT investments, including financial management initiatives, and noted that business cases for proposed development and modernization initiatives had been discussed at governance meetings. HUD also reported that it had set up steering committees to supplement board governance and monitoring two enterprise-level modernization efforts and planned to apply mechanisms, such as project health assessments, intended to establish effective investment oversight. However, HUD has not yet demonstrated that the updated governance control activities have improved program monitoring and identified any needed corrective actions or that planned oversight mechanisms have improved coordination with stakeholders or alignment of modernization efforts. We intend to follow up on HUD's actions to ensure that planned improvements to governance and oversight mechanisms are effectively implemented and institutionalized.
    Director: Andrew Von Ah
    Phone: (213) 830-1011

    4 open recommendations
    Recommendation: To ensure effective management and oversight of DHS programs receiving fees and other collections, and to ensure that component management take the following actions for each fee and other collections program that they administer, the Secretary of Homeland Security should direct the DHS Chief Financial Officer to use some means, such as the DHS Fee Governance Council, to document the processes and analyses for assessing and, as appropriate, for managing the difference between program costs and collections and document resulting decisions.

    Agency: Department of Homeland Security
    Status: Open

    Comments: DHS's Fee Governance Council, led by the Deputy CFO plans to draft and publish a revised section of the Financial Management Policy Manual devoted to documenting the processes and analyses for assessing and managing the difference between program costs and collections and document resulting decisions. The Council is currently working to establish interim milestones associated with this objective.
    Recommendation: To ensure effective management and oversight of DHS programs receiving fees and other collections, and to ensure that component management take the following actions for each fee and other collections program that they administer, the Secretary of Homeland Security should direct the DHS Chief Financial Officer to use some means, such as the DHS Fee Governance Council, to establish processes for managing unobligated carryover balances, to include targets for minimum and maximum balances for programs that lack such processes and targets.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The Fee Governance Council will draft and publish a revised section of the Financial Management Policy Manual devoted to managing unobligated carryover balances. The Council is currently working to develop specific milestones associated with this objective.
    Recommendation: To ensure effective management and oversight of DHS programs receiving fees and other collections, and to ensure that component management take the following actions for each fee and other collections program that they administer, the Secretary of Homeland Security should direct the DHS Chief Financial Officer to use some means, such as the DHS Fee Governance Council, to conduct reviews to identify any management and operational deficiencies.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The DHS Fee Governance Council plans to publish a revised section of the Financial Management Policy Manual devoted to how components conduct studies of fee programs to identify any management or operational deficiencies. The Council is currently working to establish specific milestones associated with this objective.
    Recommendation: To ensure effective management and oversight of DHS programs receiving fees and other collections, and to ensure that component management take the following actions for each fee and other collections program that they administer, the Secretary of Homeland Security should direct the DHS Chief Financial Officer to use some means, such as the DHS Fee Governance Council, to take action to track and report on management and operational deficiencies--including reasons supporting any decisions to not pursue recommended actions--identified in fee reviews or through other means.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The DHS Fee Governance Council will publish a revised section of the Financial Management Policy Manual devoted to how regular biennial reviews are conducted at DHS and how any findings and recommendations on management and operational deficiencies identified in these fee studies are tracked and reported.
    Director: Dawn B. Simpson
    Phone: (202) 512-3406

    1 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement procedures to determine whether user accounts already exist before establishing or recertifying user accounts in the Governmentwide Treasury Account Symbol Adjusted Trial Balance System or Governmentwide Financial Report System.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury agreed that this recommendation remained open. Treasury plans to implement processes to validate new users who do not already have an existing account in the Governmentwide Treasury Account Symbol Adjusted Trial Balance System (GTAS) or the Governmentwide Financial Report System (GFRS); and to ensure that users do not have conflicting roles or privileges. We will follow-up on progress made by Treasury as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Cheryl E. Clark
    Phone: (202) 512-9377

    4 open recommendations
    Recommendation: To help ensure that subsidy cost estimates for the Mutual Mortgage Insurance Fund are supported, reliable, and reasonable, the Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Housing to develop detailed policies and procedures over the subsidy cost estimation process that address, at a minimum, the documentation that should be prepared and maintained to support subsidy cost estimates and the process to document management review and approval of subsidy costs estimates.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In response to our recommendation, HUD said that a new contract was issued that will address documentation of the MMI cash flow model and the subsidy cost estimation process. HUD also said that it was in the process of developing a solicitation for a contractor to perform an independent verification and validation of the MMI cash flow model. HUD stated that completing this documentation of the subsidy cost estimation process will help management oversee the program as required by internal control standards and help support its subsidy cost estimates. We are awaiting supporting documentation for actions taken by HUD to address this recommendation.
    Recommendation: To help ensure that subsidy cost estimates for the Direct Student Loan Program are supported, reliable, and reasonable, the Secretary of Education should direct the Assistant Secretary for the Office of Planning, Evaluation and Policy Development to develop detailed policies and procedures over the subsidy cost estimation process that address, at a minimum, the documentation that should be prepared and maintained to support subsidy cost estimates and the process to document management review and approval of subsidy cost estimates.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education (Education) agreed with this recommendation. Education stated that has detailed procedures for developing and validating subsidy cost estimates. These procedures include, but are not limited to, establishing a baseline scenario, documenting each assumption individually, comparing estimates to actual data, and management review and sign-off. Education has begun drafting a more detailed document that will describe policies and procedures.
    Recommendation: To help ensure that subsidy cost estimates for the Direct Student Loan Program are supported, reliable, and reasonable, the Secretary of Education should direct the Assistant Secretary for the Office of Planning, Evaluation and Policy Development to develop detailed documentation of the cash flow model used to estimate subsidy costs, including the rationale for model calculations, all formulas and assumptions used in the model, data sources, the process to update and document changes to the model, and the process to document management review and approval of the model, which may be based on an independent verification and validation of the model to ensure that calculations are accurate and consistent with the model documentation.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education (Education) agreed with this recommendation. Education stated that it is committed to continuous improvements in its cash flow model and how it is documented. The cash flow model includes inputs of modeled data, referred to as assumptions, together with program-determined static values, such as interest rates and fees. Education stated that it will update its detailed documentation of its cash flow model. In addition, Education is investing staff and resources into developing a new cash flow model to estimate subsidy costs. Detailed documentation of this new cash flow model will be prepared before the model becomes operational. We will review Education's new cash flow model documentation once it is completed.
    Recommendation: To help ensure that subsidy cost estimates for the Direct Student Loan Program are supported, reliable, and reasonable, the Secretary of Education should direct the Assistant Secretary for the Office of Planning, Evaluation and Policy Development to document the procedures and results of such procedures used to develop or support key elements of the subsidy cost estimation process, addressing at a minimum (1) the reliability of historical data, (2) the rationale for informed opinion when applicable, (3) the methods used to calculate cash flow assumptions, (4) the process to ensure that subsidy cost estimates are consistent with the terms and conditions of the program, (5) the process to assess estimated cash flows for reasonableness, and (6) the process used to perform sensitivity analysis.

    Agency: Department of Education
    Status: Open

    Comments: The Department of Education (Education) agreed with this recommendation. Education stated that it will work on developing more detailed policies and procedures which will address the key elements referenced in this recommendation.
    Director: Beryl Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To help fulfill the IPERA and OMB requirements to submit proposals to Congress when agencies reach 3 or more consecutive years of noncompliance with IPERA criteria, the Secretary of Agriculture or a designee should submit a letter to Congress detailing proposals for reauthorization or statutory changes in response to 3 consecutive years of noncompliance as of fiscal year 2014 for its (1) Child and Adult Care Food Program; (2) School Breakfast Program; (3) National School Lunch Program; and (4) Special Supplemental Nutrition Program for Women, Infants, and Children. To the extent that reauthorization or statutory changes are not considered necessary to bring a program into compliance, the Secretary or designee should state so in the letter.

    Agency: Department of Agriculture
    Status: Open

    Comments: We provided a draft of this report to OMB, the IG offices of the 24 CFO Act agencies, and the CFO offices of those agencies with programs that were determined to be noncompliant with IPERA criteria for 3 consecutive years as of fiscal year 2014. In their e-mailed response, officials from the CFO office at USDA neither concurred nor disagreed with our recommendations. We will continue to monitor the status of this recommendation.
    Recommendation: To help fulfill the IPERA and OMB requirements to submit proposals to Congress when agencies reach 3 or more consecutive years of noncompliance with IPERA criteria, the Secretary of Defense or a designee should submit a letter to Congress detailing proposals for reauthorization or statutory changes in response to 3 consecutive years of noncompliance as of fiscal year 2014 for its Department of Defense Travel Pay program. To the extent that reauthorization or statutory changes are not considered necessary to bring the program into compliance, the Secretary or designee should state so in the letter.

    Agency: Department of Defense
    Status: Open

    Comments: We provided a draft of this report to OMB, the IG offices of the 24 CFO Act agencies, and the CFO offices of those agencies with programs that were determined to be noncompliant with IPERA criteria for 3 consecutive years as of fiscal year 2014. In their written comments, the offices of the DOD CFO and DOD IG concurred with our recommendations. The DOD CFO office noted that it does not consider reauthorization or statutory change necessary for its Travel Pay program, but will submit a letter to Congress containing planned actions for improvement by August 30, 2016. As of June 2, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    1 open recommendations
    Recommendation: To improve budgeting and management of carryover, the Secretary of Defense should direct the Secretary of the Army to direct the Army Materiel Command to incorporate in its regulation provisions for a repair process that includes upfront communication and coordination among AMC and non-AMC stakeholders that will result in the development of a well-defined scope of work and parts needed by the Industrial Operations activities to perform the repair work that will help reduce carryover.

    Agency: Department of Defense
    Status: Open

    Comments: DOD stated that the Army will enforce policy and business rules that require Organic Industrial Base facilities to communicate with their customers early to verify the scope of work and ensure that the Army has the required capability, capacity, equipment, and parts needed to meet delivery schedules and avoid excessive carryover. DOD also stated that it will update its policy and publish its draft regulation during fiscal year 2017.
    Director: Malenich, J Lawrence
    Phone: (202) 512-3406

    5 open recommendations
    Recommendation: To provide reasonable assurance that the property, equipment, and software transactions are properly tracked and capitalized or expensed as appropriate, the Director of CFPB should direct the program offices to require vendors to provide detailed invoices with costs broken out by project.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: During our fiscal year 2016 audit, we continued to find control deficiencies over CFPB's accounting for its property, equipment, and software. CFPB was still in the process of working with its Office of Procurement and program offices to require more detailed invoices with costs broken out by project. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Recommendation: To provide reasonable assurance that the property, equipment, and software transactions are properly tracked and capitalized or expensed as appropriate, the Director of CFPB should direct the Chief Financial Officer to update OCFO's financial records to include costs by project.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: Although CFPB took actions to attempt to address this recommendation, as of September 30, 2016, there were still some unidentified costs in the OCFO's financial records. In addition, our fiscal year 2016 audit continued to identify deficiencies over the recording of property, equipment, and software costs. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Recommendation: The Director of CFPB should direct the Office of Technology and Innovation's Chief Information Officer to develop and document training materials that are consistent with CFPB's policies and procedures and provide training to employees, on a recurring basis, on how to conduct inventory of electronic equipment and how to update and maintain accurate inventory records.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: During our fiscal year 2016 audit, we continued to find incomplete and inaccurate information in CFPB's inventory records. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Recommendation: The Director of CFPB should direct the Chief Financial Officer and Chief Information Officer to develop and implement procedures that require coordination between the OCFO and the Office of Technology and Innovation to provide reasonable assurance that the records maintained by both divisions are accurate, consistent, complete, and comparable for inventory and accounting purposes.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: During our fiscal year 2016 audit, we continued to find incomplete and inaccurate information in CFPB's inventory records. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Recommendation: The Director of CFPB should direct the Chief Financial Officer to design and implement effective procedures over the preparation of CFPB financial statements and note disclosures, including procedures such as completing the FAM 2010 and 2020 checklists at fiscal year-end, to provide reasonable assurance that the financial statements as of fiscal year-end are prepared in accordance with GAAP and note disclosures are adequate.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: During our fiscal year 2016 audit, we continued to find errors and inconsistent disclosures in CFPB's financial statements, some of which resulted in post-closing adjusting entries. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Director: William J. Cordrey
    Phone: (404) 679-1873

    2 open recommendations
    Recommendation: To help provide better visibility of DOD's financial management status for decision makers and to improve oversight of DOD's audit readiness efforts to strengthen internal controls and improve financial practices and processes, the Under Secretary of Defense (Comptroller) should, while developing other formatting changes to be made in future reports, expand the semiannual FIAR Plan Status Report to include the extent to which assertions of audit readiness have been made without assurance that related controls are effective and the details of remediation activities taken and planned to correct the known internal control deficiencies.

    Agency: Department of Defense: Under Secretary of Defense (Comptroller)
    Status: Open

    Comments: DOD concurred with this recommendation and stated that its future FIAR Plan Status Reports will provide an increased level of detail regarding critical aspects of achieving audit readiness. DOD further stated that it would use the recommendation to develop and, where appropriate, enhance future semiannual Status Reports to include greater visibility into the progress and impediments related to PP&E audit readiness. Specifically, DOD stated that the Office of the Under Secretary of Defense (Comptroller) will work with the military departments to ensure that their audit readiness plans include specific milestones for addressing internal control deficiencies. The Comptroller expects completion by the November 2017 FIAR report. We will continue to evaluate DOD's actions to address this recommendation.
    Recommendation: To help provide better visibility of DOD's financial management status for decision makers and to improve oversight of DOD's audit readiness efforts to strengthen internal controls and improve financial practices and processes, the Under Secretary of Defense (Comptroller) should, while developing other formatting changes to be made in future reports, expand the semiannual FIAR Plan Status Report to include the details of military services' actions taken and progress made toward correcting the control deficiencies underlying the reported dealbreakers.

    Agency: Department of Defense: Under Secretary of Defense (Comptroller)
    Status: Open

    Comments: DOD concurred with this recommendation and stated that its future FIAR Plan Status Reports will provide an increased level of detail regarding critical aspects of achieving audit readiness. DOD further stated that it would use the recommendation to develop and, where appropriate, enhance future semiannual Status Reports to include greater visibility into the progress and impediments related to PP&E audit readiness. Specifically, DOD stated that the Office of the Under Secretary of Defense (Comptroller) will work with the military departments to ensure that their audit readiness plans include specific milestones for addressing internal control deficiencies. The Comptroller expects completion by the November 2017 FIAR report. We will continue to evaluate DOD's actions to address this recommendation.
    Director: Clark, Cheryl E
    Phone: (202) 512-9377

    12 open recommendations
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish a process to prevent Employment Operations staff from allowing potential employees to enter on duty without favorable determinations of suitability by Personnel Security adjudicators.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In December 2015, the HCO developed a process and revised procedures in an attempt to improve the monitoring of Employment Operations office decisions to reasonably assure that new employees do not enter on duty before prescreening adjudications are completed and approved by Personnel Security adjudicators. However, during our fiscal year 2016 audit, we identified IRS employees who entered on duty without completed or approved suitability adjudication determinations. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish a policy and procedures requiring IRS officials to review and address situations in which it is later discovered that an employee deemed unsuitable for employment during the prescreening process was erroneously allowed to enter on duty.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: While IRS responded that it established a policy and procedures, it did not provide documentation to sufficiently demonstrate that the policy and procedures were implemented. During our fiscal year 2016 audit, we identified an instance where an employee was allowed to enter on duty and it was subsequently discovered that this employee was deemed unsuitable for employment during the prescreening process. IRS did not provide additional documentation to demonstrate that its procedures had been carried out for this employee. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to develop and provide training, on a recurring basis, to all Facilities Management and Security Services specialists and managers involved in the duress alarm validation and testing process to reinforce the related policies and procedures.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: According to IRS, in February 2016, AWSS developed and provided training on duress alarm validation and testing to FMSS specialists and managers. However, during our June 2016 field office audit testing, we found that the FMSS specialists responsible for the physical security at the sites we visited had not received training on duress alarm validation and testing. Further, our testing identified instances where (1) duress alarm testing did not include all duress alarms, (2) documented validations of the duress alarm inventory were not completed timely or available to individuals (FMSS and non-FMSS staff) before each test was conducted, and (3) descriptions of the duress alarm inventory used by the security specialist to conduct testing were labeled incorrectly. During follow up discussions with IRS officials, we were informed that FMSS specialists were not fully evaluating alarm test results and adhering to established procedures for monitoring those tests. We will continue to evaluate IRS's efforts to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish and implement a policy requiring recurring training for TAC group and territory managers on their TSRRD responsibilities, including detailed instructions for completing responses to questions in TSRRD and for reviewing TSRRD submissions for accuracy and completeness. This training should be updated for changes in TSRRD questions over time and be provided to new TAC group and territory managers soon after they are hired or appointed.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS efforts to address this recommendation are ongoing. IRS stated that during fiscal year 2017, the Wage and Investment organization will incorporate into the IRM its new training policy requiring training for TAC group and territory managers on their TSRRD responsibilities, including specific instructions for completing questions in TSRRD and for reviewing TSRRD submissions. According to IRS, this training will be provided on a recurring basis to account for changes in TSRRD questions and newly hired or appointed TAC group and territory managers. As these actions occurred after the end of fiscal year 2016, we will evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to determine the reason(s) why staff did not always comply with IRS's established policies and procedures related to initiating, monitoring, and reviewing the monitoring of manual refunds and, based on this determination, establish a process to better enforce compliance with these requirements.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS efforts to address this recommendation are ongoing. IRS stated that by September 2017, it will determine the reasons for staff noncompliance with established policies and procedures related to initiating, monitoring, and reviewing the monitoring of manual refunds, and based on this determination, establish a process to better enforce compliance with these requirements. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to enhance the training program provided to COs to address all the job responsibilities related to certifying manual refunds for payment, including the required review of supporting documentation for manual refunds.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS stated that in February 2016, it provided a refresher course to COs as part of their annual training to address their responsibilities related to certifying manual refunds. However, based on our review of the refresher course materials, the course did not address our recommendation to enhance the training program. For example, the materials did not provide guidelines on how to perform the required reviews related to certifying manual refunds. As a result, during our fiscal year 2016 audit, we continued to find instances where the COs did not comply with the review requirements. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to identify the cause of and implement a solution for dealing with the periodic backlogs of ICO inventory that is hampering the performance of quality reviews.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS efforts to address this recommendation are ongoing. IRS stated that by September 2017, it will identify a cause of and implement a solution for dealing with the periodic backlogs of ICO inventory. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish policies for (1) how long an asset can remain in missing status before it is removed from P&E reported on the financial statements and (2) how long assets can go unverified during the annual inventory process before they are identified as missing in the property management system.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's IT organization issued AM064, Asset Management Policy Directive to Identify Uncertified Class A and Class B Assets as Missing in KISAM, effective October 1, 2016. The directive states that in accordance with the annual Hardware Asset Management Inventory Certification Plan, assets that are not verified or certified for more than two inventory cycles should be identified as missing in IRS's property management system. It further states that the property management system should be updated by the end of the first quarter of the fiscal year after an asset meets the "missing" criterion. In November 2016, IRS's CFO organization developed the Missing Assets Financial Reporting Assessment procedure, which states that assets in missing status for 1 year or more should be removed from the P&E reported on IRS's financial statements. As these actions occurred after the end of fiscal year 2016, we will evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish and implement procedures to reasonably assure that missing assets are timely removed from the financial statements when applicable.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In November 2016, IRS's CFO organization established the Missing Assets Financial Reporting Assessment procedure, which included procedures for identifying assets that have been in missing status in the property management system for 1 year or more and removing them from the P&E reported on the financial statements. As this procedure was established after the end of fiscal year 2016, we will evaluate IRS's implementation of this procedure during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate officials to establish and implement monitoring procedures designed to reasonably assure that the key detailed information for tangible capitalized P&E is properly recorded and updated in the KISAM system.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's IT organization established SOP FY17-01, Asset Management Program Monitoring and Review, effective October 1, 2016. The SOP details the IRS Asset Management Group's procedures for conducting a quarterly review on a sample of asset records and transactions in KISAM to verify the accuracy and completeness of key KISAM data elements and correct any discrepancies found. In September 2016, IRS issued AWSS-01-0916-0001, Interim Guidance for IRM 1.14.4, Personal Property Management, to require the FMSS territory manager or section chief to perform quarterly sample reviews of non-IT assets in KISAM to verify that key data elements are complete and updated. As these procedures were established after we conducted our internal control testing in fiscal year 2016, we will evaluate IRS's implementation of these procedures during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate officials to design a process to reasonably assure the adequacy of detailed supporting information for tangible P&E amounts recorded in the general ledger.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's actions to address this recommendation are ongoing. According to IRS, by September 2017, its CFO organization will implement a P&E subsidiary ledger, and will design and implement processes based on the subsidiary ledger that will reasonably assure the adequacy of detailed supporting information for tangible P&E amounts recorded in the general ledger. We will assess IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The IRS Commissioner should direct the appropriate IRS officials to establish and implement detailed written procedures for calculating future lease payments for noncancelable operating leases that are reported in the notes to the financial statements. The procedures should (1) include steps for considering any ad hoc clauses that may have specific termination dates and (2) include a requirement for supervisory review to provide reasonable assurance of the accuracy of future lease payment amounts for noncancelable operating leases.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In October 2016, IRS established procedures for calculating future lease payments for noncancelable operating leases that are reported in the notes to its financial statements. The procedures included (1) steps for considering any ad hoc clauses that may have specific termination dates and (2) a requirement for supervisor review to provide reasonable assurance of the accuracy of future lease payment amounts for noncancelable operating leases. As these actions occurred after the end of fiscal year 2016, we will evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Director: Cary Russell
    Phone: (202) 512-5431

    2 open recommendations
    Recommendation: To ensure that risks associated with ALIS are addressed expediently and holistically, the Secretary of Defense should direct the F-35 Program Executive Officer to improve the reliability of its cost estimates, conduct uncertainty and sensitivity analyses consistent with cost-estimating best practices identified in GAO's Cost Estimating and Assessment Guide.

    Agency: Department of Defense
    Status: Open

    Comments: According to DOD officials, the F-35 Program regularly performs sensitivity analysis in its cost estimates. The F-35 Cost Team runs drills throughout the year on varying ground rules and assumptions for all elements of the sustainment Annual Cost Estimate (ACE), including ALIS cost elements. These drills are used to assess cost impacts of various proposed requirements changes from the F-35 Program Office and the Services. The cost models capture the sensitivity of those technical baseline changes and the F-35 Program Office and Services use those results to inform the final technical baseline definition that becomes the basis of the annual estimate update. Although these measures are regularly performed, they do not constitute a direct uncertainty or sensitivity analysis on ALIS itself. For that reason, as of September 2017, this recommendation remains open.
    Recommendation: To ensure that risks associated with ALIS are addressed expediently and holistically, the Secretary of Defense should direct the F-35 Program Executive Officer to improve the reliability of its cost estimates, ensure that future estimates of ALIS costs use historical data as available and reflect significant program changes consistent with cost-estimating best practices identified in GAO's Cost Estimating and Assessment Guide.

    Agency: Department of Defense
    Status: Open

    Comments: According to DOD officials, as part of the cost estimating processes in the F-35 Program Office, the sustainment Annual Cost Estimate does incorporate the latest available historical cost data and reflects the latest approved technical baseline. For example, the latest hardware procurement costs from the most recent annual contracts for the F-35 were incorporated into the 2016 Annual Cost Estimate update as were the manpower assembly installation costs based on final delivered item prices. Although these are positive measures for the program and the cost estimate, the program has not incorporated a range of potential future costs that may better reflect actual ALIS costs. Until this step is taken, the recommendation will remain open.
    Director: Lawrance Evans, Jr.
    Phone: (202) 512-8678

    6 open recommendations
    Recommendation: Congress should consider whether additional changes to the financial regulatory structure are needed to reduce or better manage fragmentation and overlap in the oversight of financial institutions and activities to improve (1) the efficiency and effectiveness of oversight; (2) the consistency of consumer and investor protections; and (3) the consistency of financial oversight for similar institutions, products, risks, and services. For example, Congress could consider consolidating the number of federal agencies involved in overseeing the safety and soundness of depository institutions, combining the entities involved in overseeing the securities and derivatives markets, transferring the remaining prudential regulators' consumer protection authorities over large depository institutions to the Consumer Financial Protection Bureau, and the optimal role for the federal government in insurance regulation, among other considerations.

    Agency: Congress
    Status: Open

    Comments: One bill has been introduced in the 115th Congress that would change the financial regulatory structure to address fragmented and overlapping regulatory authorities among agencies, as GAO suggested in February 2016. H.R. 594 was introduced on January 20, 2017, and calls for the functions of the Commodity Futures Trading Commission and the Securities and Exchange Commission to be combined in a single independent regulatory commission. Such an action could help to address fragmentation and overlap between the two agencies, and reduce opportunities for inefficiencies in the regulatory process and inconsistencies in how regulators conduct oversight activities over similar types of institutions, products, and risks.
    Recommendation: Congress should consider whether legislative changes are necessary to align FSOC's authorities with its mission to respond to systemic risks. Congress could do so by making changes to FSOC's mission, its authorities, or both, or to the missions and authorities of one or more of the FSOC member agencies to support a stronger link between the responsibility and capacity to respond to systemic risks. In doing so, Congress could solicit information from FSOC on the effective scope of its collective designation authorities, including any gaps.

    Agency: Congress
    Status: Open

    Comments: No legislative action identified. As of March 1, 2017, no legislation had been introduced that would align FSOC's authorities with its mission to respond to systemic risks, as GAO suggested in February 2016. Without such legislative changes, FSOC may lack the tools it needs to comprehensively address systemic risks that may emerge, and a gap will continue to exist in the post Dodd-Frank Wall Street Reform and Consumer Protection Act mechanisms for the mitigation of systemic risks.
    Recommendation: To help regulators address regulatory fragmentation and improve FSOC's ability to identify emerging systemic risks, as OFR develops and refines its financial stability monitoring tools, it should work with FSOC to determine ways in which to fully and regularly incorporate current and future monitors and assessments into Systemic Risk Committee deliberations, including, where relevant, those that present disaggregated or otherwise confidential supervisory information.

    Agency: Department of the Treasury: Financial Stability Oversight Council: Office of Financial Research
    Status: Open

    Comments: At the FSOC Systemic Risk Committee meeting held in December 2016, Treasury indicated that Office of Financial Research staff presented on the agency's Financial Stability Report. Officials indicated that they provided an assessment on potential financial stability risks, including macroeconomic, market, credit, funding and liquidity, and contagion risks. Systemic Risk Committee meeting attendees were able to compare and contrast these with the results from the Federal Reserve's systemic risk monitoring activities, which were also presented at the meeting. Office of Financial Research officials stated that there was general consensus at the meeting that these discussions were useful and that they should continue. GAO does not believe that this action is consistent with the intent of if February 2016 recommendation to fully and regularly incorporate current and future monitors and assessments into FSOC's Systemic Risk Committee deliberations. While GAO encourages sharing this type of information, the Office of Financial Research's Financial Stability Report is a publicly-available report. The intent of GAO's recommendation was to encourage the agency to fully incorporate all of its monitors into Systemic Risk Committee discussions, including its Financial Stability Monitor--its benchmark tool for assessing risks across the financial system. In addition, in its February 2016 report, GAO encouraged the agency to seek ways in which monitors that present disaggregated or otherwise confidential supervisory information can be incorporated in committee discussions. Without sharing such monitors and information, the Systemic Risk Committee may identify and advance the analysis of only a subset of systemic risks in a timely manner and may identify others too late or miss others altogether. The Financial CHOICE Act of 2016 was introduced in the 114th Congress. The act called for the Office of Financial Research to be eliminated. It was not passed before the end of the 114th Congress.
    Recommendation: To help regulators address regulatory fragmentation and improve FSOC's ability to identify emerging systemic risks, the Federal Reserve should work with FSOC to regularly incorporate the comprehensive results of its systemic risk monitoring activities into Systemic Risk Committee deliberations.

    Agency: Federal Reserve System
    Status: Open

    Comments: As of March 1, 2017, Federal Reserve officials indicated that they provided a presentation to FSOC's Systemic Risk Committee in December 2016, which included comprehensive results from its systemic risk monitoring activities. This action appears to be consistent with GAO's February 2016 recommendation, but the documentation provided by the Federal Reserve did not provide sufficient evidence that the agency has regularly incorporated these results into Systemic Risk Committee meetings. GAO will continue to monitor the Federal Reserve's participation in Systemic Risk Committee meetings to ensure that the agency continues to provide both regular and comprehensive results to the committee. Without better access to systemic risk monitoring tools and other outputs, the Systemic Risk Committee may identify and advance the analysis of only a subset of systemic risks in a timely manner and may identify others too late or miss others altogether.
    Recommendation: To more efficiently and effectively monitor the financial system for systemic risks and reduce the risk of unnecessary duplication, OFR and the Federal Reserve should jointly articulate individual and common goals for their systemic risk monitoring activities, including a plan to monitor progress toward articulated goals, and formalize regular strategic and technical discussions around their activities and outputs to support those goals.

    Agency: Department of the Treasury: Financial Stability Oversight Council: Office of Financial Research
    Status: Open

    Comments: As of March 1, 2017, the Federal Reserve and the Office of Financial Research had coordinated to organize semi-annual meetings to jointly discuss views from their respective monitoring of the financial system for risks; but these meetings had not yet taken place. The first of these meetings is to be held in May 2017 following the agencies' respective systemic risk exercises. Initiating these discussions addresses part of GAO's February 2016 recommendation. GAO plans to review documentation from these meetings in 2017 to further assess if the agencies will use these meetings to jointly articulate individual and common goals, including developing a plan to monitor progress toward the goals. Fully addressing GAO's recommendation could help to ensure comprehensiveness in systemic risk surveillance and reduced risk of duplication. On September 9, 2016, the Financial CHOICE Act of 2016 was introduced. It called for the Office of Financial Research to be eliminated. The legislation did not pass before the 114th Congress ended.
    Recommendation: To more efficiently and effectively monitor the financial system for systemic risks and reduce the risk of unnecessary duplication, OFR and the Federal Reserve should jointly articulate individual and common goals for their systemic risk monitoring activities, including a plan to monitor progress toward articulated goals, and formalize regular strategic and technical discussions around their activities and outputs to support those goals.

    Agency: Federal Reserve System
    Status: Open

    Comments: As of March 1, 2017, the Federal Reserve and the Office of Financial Research had coordinated to organize semi-annual meetings to jointly discuss views from their respective monitoring of the financial system for risks; but these meetings had not yet taken place. The first of these meetings is to be held in May 2017 following the agencies' respective systemic risk exercises. Initiating these discussions addresses part of GAO's February 2016 recommendation. GAO plans to review documentation from these meetings in 2017 to further assess if the agencies will use these meetings to jointly articulate individual and common goals, including developing a plan to monitor progress toward the goals. Fully addressing GAO's recommendation could help to ensure comprehensiveness in systemic risk surveillance and reduced risk of duplication. On September 9, 2016, the Financial CHOICE Act of 2016 was introduced. It called for the Office of Financial Research to be eliminated. The legislation did not pass before the 114th Congress ended.
    Director: J. Lawrence Malenich
    Phone: (202) 512-9399

    1 open recommendations
    Recommendation: The Foundation's Executive Director should update the Foundation's draft written policies and procedures over its contracting practices to include all key internal control activities, issue them in final form, and establish a date by which these actions will be completed.

    Agency: Morris K. Udall and Stewart L. Udall Foundation
    Status: Open

    Comments: The Foundation concurred with our recommendation and stated that it will implement the recommended actions. In addition, the Foundation stated that our recommendations will be incorporated in the Foundation's risk assessment documentation, established as a priority, and included in the Foundation's fiscal year 2016 Corrective Action Plan. As of July 2017, the Foundation has not implemented corrective actions to address this recommendation.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To help meet its financial management improvement and audit readiness goals, the Secretary of Defense should direct the Under Secretary of Defense (Comptroller) to reconsider the status of the three panel recommendations that DOD classified as met that we determined were partially met and take the necessary actions to reasonably assure that these recommendations have been met.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: In September 2015, we reported that DOD had completed action on 6 of the Committee Panel's 29 recommendations. However, we disagreed with DOD's reported status of met for 3 other recommendations related to (1) attestations on audit readiness to be included in each of the Financial Improvement and Audit Readiness (FIAR) Plan Status Reports; (2) inclusion of FIAR-related goals in Senior Executive Service performance plans, and rewarding and evaluating performances over time based on those goals; and (3) the review of audit readiness assertions by component senior executive committees. In response to our recommendation, in its November 2015 FIAR Plan Status Report, DOD revised the implementation status for these three recommendations from met to partially met and gave further consideration to actions needed to reasonably assure whether the recommendations had been met. In its May 2016 FIAR Plan Status Report DOD stated that it had completed corrective action on one of these three Committee Panel recommendations and reported actions on the other two recommendations as partially met. As of May 2017, DOD reported that its actions for all three Congressional Panel recommendations met those recommendations. However, DOD had not yet identified a method to reward executives based on evaluated performance on FIAR-related goals. In addition, DOD needs to continue to state in each FIAR Plan Status Report whether DOD is on track to be audit ready as of September 30, 2017. Therefore, as of August 30, 2017, this recommendation was still open.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    1 open recommendations
    Recommendation: Congress should consider the options for sustaining the Oil Spill Liability Trust Fund as well as the optimal level of funding to be maintained in the Fund, in light of the expiration of the Fund's per-barrel tax funding source in 2017.

    Agency: Congress
    Status: Open

    Comments: We will continue to monitor the funding status.
    Director: Seto Bagdoyan
    Phone: (202) 512-6722

    1 open recommendations
    Recommendation: To help preserve a proven resource supporting the oversight community's analytic capabilities, Congress may wish to consider directing CIGIE to develop a legislative proposal to reconstitute the essential capabilities of the ROC to help ensure federal spending accountability. The proposal should identify a range of options at varying scales for the cost of analytic tools, personnel, and necessary funding, as well as any additional authority CIGIE may need to ensure such enduring, robust analytical and investigative capability for the oversight community.

    Agency: Congress
    Status: Open

    Comments: When we determine what steps Congress has taken, we will provide updated information.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    1 open recommendations
    Recommendation: To improve the quality of DOD's financial statement audits and ensure that corrective actions to address audit recommendations are fully and effectively implemented prior to their closure, the Department of Defense Inspector General should ensure that Marine Corps corrective actions fully address audit recommendations and document auditor review of the actions taken before closing the related recommendations.

    Agency: Department of Defense: Office of the Inspector General
    Status: Open

    Comments: Our follow up in fiscal year 2015 was limited to a request for a documented process the DOD-IG may have developed and implemented to ensure all control issues detailed in the NFRs have been fully resolved; related corrective action plans were relevant and reviewed consistently and adequately; and the IPA/DOD-IG reviews were documented as part of the NFR review process. DOD-IG was not able to provide such documentation to support the statement provided in its response to our recommendation at the time the report was issued. Consequently, there was no documentation for us to review. In August 2017, we contacted the DOD-IG and requested an update on the status of efforts to address this recommendation. Also, per the contract with an IPA for the USMC's fiscal year 2017 financial statement audit, the IPA is to follow up on status of efforts to address prior year recommendations.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    3 open recommendations
    Recommendation: To strengthen BLM's controls and reasonably assure accountability over mining law program expenditures, both payroll and nonpayroll, the Secretary of the Interior should direct the Director of the Bureau of Land Management to establish procedures for regular and timely communication to all BLM employees on policy and procedural changes affecting the mining law program's expenditure-related processes.

    Agency: Department of the Interior
    Status: Open

    Comments: In support of closing this recommendation, officials from the Department of Interior's (DOI) Bureau of Land Management (BLM) provided us with an example of its timely communication (dated September 20, 2016) to BLM employees to announce the issuance of its revised Fund Code Handbook (dated August 12, 2016). They also re-iterated their policy about sending updates regarding guidance changes, which is included in its directives handbook. We reviewed the directives handbook and verified that it contains guidance for communicating policy and procedural changes affecting the mining law program's expenditure-related processes. However, we were unable to determine what procedures were established to ensure the regular and timely communication to all employees of policy and procedural changes take place. While we see the directives handbook is a good start towards meeting the intent of our recommendation, we did not see evidence within the directives handbook that requires these communications to be sent to employees within a specific timeframe (e.g., within 30 days of issuance of policy and procedural changes). We will continue to monitor the agency's actions to address this recommendation.
    Recommendation: To strengthen BLM's controls and reasonably assure accountability over mining law program expenditures, both payroll and nonpayroll, the Secretary of the Interior should direct the Director of the Bureau of Land Management to develop and implement a training program that provides all BLM employees with an understanding of the use of the mining law program funds to reasonably assure uniform application and effective execution of BLM policies and procedures. This training, to be successful, should be provided to all BLM employees who charge the program and communicate clear instructions on how employees should charge, document, and review transactions related to mining law program expenditures.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of Interior's (DOI) Bureau of Land Management (BLM) agreed with our recommendation. On September 22, 2016, DOI's BLM informed us that the training material that will address this recommendation has been developed and reviewed by the BLM's Mining Law Administration Program and Budget leads. The BLM's National Training Center is currently preparing the training to be posted to "DOI Learn", the Department of the Interior's training portal. Once the training is ready for use, BLM anticipates issuing an Information Memorandum that directs targeted staff to complete the training. At the present time, the training is expected to be ready by end of fiscal year 2017. We will continue to monitor the agency's actions to address this recommendation.
    Recommendation: To strengthen BLM's controls and reasonably assure accountability over mining law program expenditures, both payroll and nonpayroll, the Secretary of the Interior should direct the Director of the Bureau of Land Management to develop and implement internal control activities for regularly monitoring compliance with expenditure-related policies and procedures in the mining law program. These activities should, at a minimum, (1) determine whether transactions were recorded to the correct subactivity and verified by an approving official and (2) assure that documentary evidence of review is maintained, as required in BLM's policies and procedures.

    Agency: Department of the Interior
    Status: Open

    Comments: The Department of Interior's (DOI) Bureau of Land Management (BLM) agreed with our recommendation. On September 22, 2016, DOI's BLM informed us that DOI's BLM is developing a repeatable standardized annual internal control process which will include validation of Mining Law Administration Program (MLAP) expenditure transactions utilizing a "canned" report that is generated from the Financial Business Management System (FBMS), which is DOI's BLM's financial accounting system. This process will be incorporated into an existing DOI's BLM-wide budgetary review cycle requirement, such as the formal mid-year or 3rd quarter fiscal year reviews. The MLAP expenditures report will be distributed to DOI?s BLM state offices with instructions to obtain an adequate sample size from which to test MLAP fund transactions for compliance with Bureau policy. State budget officials will be required to identify their findings, corrective actions and certify the results from this exercise. It is anticipated that this requirement will be disseminated to the DOI's BLM state offices by Instruction Memorandum. The source report to be used for these reviews is still in the development stage and it is expected to be completed by end of fiscal year 2017. We will continue to monitor the agency's actions to address this recommendation.
    Director: Goldstein, Mark L
    Phone: (202) 512-2834

    2 open recommendations
    Recommendation: To strengthen the Washington Metropolitan Area Transit Authority's (WMATA) risk assessment and monitoring components of internal control, WMATA's board of directors, working with the General Manager and Chief Executive Officer of WMATA, should direct the appropriate WMATA officials to develop and implement a policy and related procedures for assessing WMATA's financial management-related risks.

    Agency: Washington Metropolitan Area Transit Authority
    Status: Open

    Comments: In July and August 2016, WMATA officials described to GAO the steps they have taken to address this recommendation. However, WMATA did not provide sufficient supporting documentation for GAO to verify that the recommendation was implemented. GAO continues to work with WMATA to understand the steps it has taken to address this recommendation.
    Recommendation: To strengthen the WMATA's risk assessment and monitoring components of internal control, WMATA's board of directors, working with the General Manager and Chief Executive Officer of WMATA, should direct the appropriate WMATA officials to develop and implement a policy and related written procedures for the Office of Internal Compliance to monitor the design and operating effectiveness of the five components of internal control related to financial management.

    Agency: Washington Metropolitan Area Transit Authority
    Status: Open

    Comments: In July and August 2016, WMATA officials described to GAO the steps they have taken to address this recommendation. However, WMATA did not provide sufficient supporting documentation for GAO to verify that the recommendation was implemented. GAO continues to work with WMATA to understand the steps it has taken to address this recommendation.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: To provide increased performance audit coverage of Commerce's bureaus and offices, the Commerce IG should augment the OIG's risk-based audit planning process to consider (1) a rotation of performance audit coverage among the smaller bureaus and offices to help ensure that the economy, efficiency, and effectiveness of their programs are periodically reviewed and (2) all applicable high-risk areas identified by GAO.

    Agency: Department of Commerce: Office of the Inspector General
    Status: Open

    Comments: The Department of Commerce's Office of Inspector General (OIG) has taken actions to augment its annual risk assessment to consider (I) a rotation of performance audit coverage among the smaller bureaus and offices and (2) all applicable high-risk areas identified by GAO. For example, OIG's fiscal year (FY) 2016 audit plan included performance audits of Bureau of Industry and Security, Economic Development Administration, and Economic Development Administration, which are three of Commerce's smaller bureaus. It also included a performance audit of federal real property, a high-risk area identified by GAO. Further, OIG indicated completion of its FY 2017 risk assessment in June, and will be completing its FY 2017 audit plan in September - which will include performance audits of several of the Commerce's smaller bureaus, as well as consider the following high-risk areas identified by GAO in its 2015 report that could be applicable to Commerce. We believe OIG met the intent of GAO recommendation with regards to augmenting its annual risk assessment to consider (1) a rotation of performance audit coverage among the smaller bureaus and offices and (2) all applicable high-risk areas identified by GAO. We base our conclusion given that OIG has either conducted or scheduled to conduct performance audits to cover smaller bureaus and high-risk areas identified by GAO, which we verified on the OIG's website. However, we believe the intent of GAO's recommendation is for these audits to be performed in subsequent years going forward and not just in FY 2017. OIG was not able to provide us support to show it has formal procedures or policies in place to ensure these performance audits will be performed in future years on a rotational and periodic basis. As a result, we don't believe DOC OIG has fully met the intent of the recommendation. We will continue to monitor the agency's actions to address this recommendation.
    Recommendation: To provide reasonable assurance that written hotline policies and procedures are consistently followed and complaints are handled effectively, the Commerce IG should enhance the existing internal control activities for the OIG's hotline operations through monitoring, including self-assessment evaluations conducted by the hotline unit of itself, periodic reviews of control design, and direct testing of internal controls.

    Agency: Department of Commerce: Office of the Inspector General
    Status: Open

    Comments: The Department of Commerce's Office of Inspector General (OIG) stated that it conducted a self-assessment of its hotline operations in fiscal year 2016, updated its complaint management policy, and is securing independent quality control reviews. We have reviewed OIG quality assessment memorandum dated 11/3/15 and verified it shows that OIG performed a self-assessment of its hotline operations, which included (1) evaluating proper handling of complaints; (2) assignment of disposition codes; and (3) time frames for processing complaints. In addition, we have reviewed OIG's updated complaint management policy and verified it contains detailed policies and procedures over its hotline operations. Therefore, we believe OIG met the intent of the recommendation with regards to conducting a self-assessment evaluation. However, we did not see where OIG met the intent of GAO recommendation with regards to having in place control activities for conducting periodic reviews of control design and direct testing of internal controls. We will continue to monitor the agency's actions to address this recommendation.
    Director: Clark, Cheryl E
    Phone: (202) 512-9377

    6 open recommendations
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to develop and implement agency-wide procedures to routinely monitor the accuracy of penalties recorded in taxpayer accounts to timely detect and correct errors.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: During fiscal year 2015, IRS conducted a trial quality review to evaluate the accuracy of penalty assessments recorded in a sample of taxpayer accounts and took action to address the errors it identified. Based on its trial review, IRS developed procedures for performing this type of review in June 2016 and informed us that it would formalize procedures in the IRM to include routine monitoring and testing of the accuracy of penalty assessments in taxpayer accounts. However, as of September 30, 2016, IRS had not implemented these procedures or documented them in the IRM. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to determine the reason(s) why taxpayer assistance centers (TAC) managers and personnel did not consistently comply with existing Internal Revenue Manual (IRM) requirements that TAC managers and personnel (1) perform and document reviews of the Follow-Up Review Log by the last day of the following month, (2) maintain control copies of transmittal forms, and (3) ship taxpayer receipts and information via traceable overnight mail and, based on this determination, establish a process to better enforce compliance with these requirements.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's efforts to address this recommendation are ongoing. IRS stated that it has performed a study of the causes of noncompliance with the IRM requirements and will complete all related corrective actions by May 2017. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Commissioner of IRS should update the IRM to require managers to reconcile transmittal forms with the Follow-Up Review Log to reasonably assure that personnel are properly entering transmittal forms into the log and are appropriately documenting follow-up on unacknowledged transmittals of taxpayer receipts and information.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: While IRS updated the IRM in April 2016 to require TAC managers to (1) perform a semiannual reconciliation of document transmittal forms to the associated Follow-Up Review Log to monitor employee compliance with IRM requirements and (2) document this reconciliation on Form 14698, Field Assistance Taxpayer Assistance Centers Remittance and Non-Remittance Log Reconciliation, our fiscal year 2016 audit testing identified instances where the use of the form was not fully implemented at the TACs we visited. Further, we continued to identify instances where TAC employees did not always (1) track document transmittals on the Follow-up Review Log and (2) follow up on late acknowledgments timely. In one instance, we found that TAC personnel did not document on the log the actions that were taken for a package that was lost; however, the manager had completed a review of the Follow-up Review Log. We will continue to evaluate the results of IRS's corrective actions during our fiscal year 2017 audit.
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to establish a process to ensure that the requirement for unauthorized access awareness training is explicitly communicated to non-IRS contractors who have unescorted access to IRS facilities.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's efforts to address this recommendation are ongoing. IRS stated that by July 2017, it will partner with FPS and GSA to establish a process to help ensure that all contractors who require unescorted access are first approved for interim or final staff-like access and complete mandatory information protection and security awareness training within 10 business days of approved staff-like access. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to establish procedures to monitor whether non-IRS contractors with unescorted physical access to IRS facilities are receiving unauthorized access awareness training.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's efforts to address this recommendation are ongoing. IRS stated that by July 2017, it will send out a communication to its FMSS field offices that will include SOPs for monitoring training and acquiring unauthorized access awareness training documentation for each non-IRS contract employee. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to determine why staff did not consistently comply with IRS's existing requirements for the final candling of receipts at service center campuses and lockbox banks, including logging remittances found during final candling on the final candling log at the time of discovery, safeguarding the remittances at the time of discovery, transferring the remittances to the deposit unit promptly, and passing one envelope at a time over the light source, and based on this determination, establish a process to better enforce compliance with these requirements.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS's efforts to address this recommendation are ongoing. IRS stated that by July 2017, it will identify and analyze the risks associated with candling at the SCCs and lockbox banks, along with any mitigating factors, to determine if further actions are warranted. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Director: Dalkin, James R
    Phone: (202) 512-3133

    1 open recommendations
    Recommendation: The U.S. Securities and Exchange Commission should direct the COO and CFO to implement controls, such as periodic reviews of asset dispositions, to help reasonably assure that SEC's procedures for the preparation and maintenance of documentation related to the disposition of assets are consistently implemented and that any deviations from established procedures are documented.

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: SEC Officials are still working on corrective actions as of the end of fiscal year 2016. We will follow up on this recommendation during our fiscal year 2017 SEC financial statement audit.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    3 open recommendations
    Recommendation: To help reduce the risk that improper payment estimates related to DRAA funding developed and reported by selected agencies may not be accurate or reliable, and to help ensure that DOT produces reliable estimates of its DRAA improper payments, as applicable to each administration, the Secretary of Transportation should direct the Administrators of the Federal Aviation Administration, Federal Highway Administration, Federal Railroad Administration, and Federal Transit Administration to revise their policies and procedures for estimating improper payments by: (1) clearly identifying roles and responsibilities for estimating improper payments; (2) defining improper payments consistently with IPIA, as amended, and OMB Circular No. A-123, Appendix C; (3) requiring payments to federal employees to be included in populations for testing as required by IPIA, as amended; (4) including steps to assess the completeness of the population of transactions used for selecting the samples to be tested; (5) requiring the agency to maintain sufficient documentation to support improper payment estimates; (6) requiring that the sampling methodologies meet the precision requirements outlined in OMB Circular No. A-123, Appendix C; and (7) requiring a consultation with a statistician to ensure the validity of sample design, sample size, and measurement methodology.

    Agency: Department of Transportation
    Status: Open

    Comments: On April 14, 2017, we were informed that the Office of the Chief Financial Officer has oversight over the Department of Transportation's (DOT) improper payments implementation and is revising DOT's policies for estimating improper payments. DOT plans to complete this action by 10/31/2017. We will continue to monitor the status of this recommendation.
    Recommendation: To help reduce the risk that improper payment estimates related to DRAA funding developed and reported by selected agencies may not be accurate or reliable, and to help ensure that the Department of Housing and Urban Development produces reliable estimates of its DRAA improper payments, the Secretary of Housing and Urban Development should direct appropriate officials to revise its policies and procedures for estimating improper payments by (1) requiring payments to federal employees to be included in populations for testing as required by the Improper Payments Information Act of 2002 (IPIA), as amended, and (2) including steps to assess the completeness of the population of transactions used for selecting the samples to be tested.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: Overall, we believe the Department of Housing and Urban Development (HUD) is on track for taking corrective actions that meet the intent of GAO recommendation. For example, we believe HUD has met the intent of this recommendation with regards to HUD revising its policies and procedures for estimating improper payments. Specifically, we have reviewed HUD's updated recapture audit plan dated June 26, 2015, and verified it requires payments to federal employees to be included in populations for testing. However, we do not believe HUD has met the intent of this recommendation with regards to including steps to assess the completeness of the population of transactions used for selecting the samples to be tested. Specifically, we have not seen where HUD's policies and procedures show how HUD ensures that it is selecting from a complete list of grantee files when conducting tests related to estimating improper payments. On July 19, 2017, a HUD official explained that HUD does not have controls in place to ensure that the grantee files are complete. Further, the HUD official indicated that the grantee files come from the grantee, and HUD relies on the grantees to provide a complete list of files. However, HUD does not currently have a way to verify that this list is complete. According to the HUD official, HUD he will explore options HUD can implement for ensuring that grantee files are complete, including possibly having grantees to sign a statement certifying that their grantee files are complete when provided to HUD. We will continue to monitor the agency's actions to address this recommendation.
    Recommendation: To help reduce the risk that improper payment estimates related to DRAA funding developed and reported by selected agencies may not be accurate or reliable, and to help ensure that the U.S. Army Corps of Engineers (USACE) produces reliable estimates of its DRAA improper payments, the Secretary of the Army should direct the Chief of Engineers and Commanding General of USACE to revise policies and procedures for estimating improper payments by: (1) defining improper payments consistently with IPIA, as amended, and OMB Circular No. A-123, Appendix C; (2) requiring payments to federal employees to be included in populations for testing as required by IPIA, as amended; (3) including steps to assess the completeness of the population of transactions used for selecting the samples to be tested; (4) providing sufficient procedures for determining an error and what documentation is necessary to substantiate payment; and (5) requiring the agency to maintain sufficient documentation to support improper payment estimates.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: As of June 5, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Director: Vijay D'Souza
    Phone: (202) 512-7114

    2 open recommendations
    including 2 priority recommendations
    Recommendation: To better assess and address the full extent of improper payments in the TRICARE program, the Secretary of Defense should direct the Assistant Secretary of Defense (Health Affairs) to implement a more comprehensive TRICARE improper payment measurement methodology that includes medical record reviews, as done in other parts of its existing postpayment claims review programs.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense's Defense Health Agency (DHA) has taken some action to incorporate medical record reviews in its improper payment estimate, as GAO recommended in February 2015. In October 2016, DHA released a request for proposals for claim record reviews, including medical record reviews, that the agency plans to use to support the agency's requirement to identify and report on the potential of improper payments to the Office of Management and Budget. This is a good first step. Once DHA incorporates medical record reviews in its improper payment rate calculation methodology, GAO will be able to close this recommendation.
    Recommendation: To better assess and address the full extent of improper payments in the TRICARE program, and once a more comprehensive improper payment methodology is implemented, the Secretary of Defense should direct the Assistant Secretary of Defense (Health Affairs) to develop more robust corrective action plans that address underlying causes of improper payments, as determined by the medical record reviews.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: Until the department implements a more comprehensive TRICARE improper payment measurement methodology and identifies the underlying causes of improper payments, the full extent of improper payments in the TRICARE program will likely not be identified and addressed. As of October 2016, the Department of Defense's Defense Health Agency has not yet implemented a more comprehensive TRICARE improper payment measurement methodology, and has, therefore, not developed more robust corrective action plans.
    Director: David C. Trimble
    Phone: (202) 512-3841

    5 open recommendations
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and direct field office sites with responsibility for non-M&O contractor risk assessments to address risk factors as they relate to those sites and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal year 2015 and 2016 improper payments guidance. The revised guidance directs field office sites with responsibility for non-M&O contractor risk assessments to address risk factors as they relate to those sites. The guidance further requires each site Chief Financial Officer to certify to the accuracy of improper payments and risk rating. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and clarify how payment sites are to address risk factors and document the basis for their risk rating determinations and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal years 2015 and 2016 improper payments guidance requiring sites to prepare risk assessments using a new risk assessment format. The guidance states that the new format was developed to improve consistency among the sites and improve documentation supporting the risk ratings. In the new format, each risk factor includes a description of the risk factor, rating criteria and/or questions to consider during the evaluation to assist sites in determining a risk rating by payment type. The guidance also requires all sites to maintain supporting documentation for their risk assessment. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and clarify who is responsible at DOE for reviewing and approving risk assessments for consistency across sites and take steps to ensure those entities implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal years 2015 and 2016 improper payments guidance to require site Chief Financial Officers and the Director of Risk Management of the Loan Programs Office to provide a signed certification to DOE's Director of the Office of Finance and Accounting certifying to the accuracy of improper payments and the risk assessment and rating submitted. The guidance provides templates for these certifications. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and provide specific examples of other risk factors that present inherent risks likely to contribute to significant improper payments, in addition to the eight risk factors, direct payment sites to consider those when performing their improper payment risk assessments, and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal year 2015 and 2016 improper payments guidance. In addition to the required OMB risk factors, the guidance added the following additional risk factors to be included in the risk assessments: (1) contractor payment processing oversight and (2) segregation of duties. The guidance states these factors have been added to ensure that inherently high-risk areas that can contribute to a site's susceptibility to significant improper payments are properly evaluated. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To provide better transparency regarding its total known improper payments reported under IPERA, the Secretary of Energy should direct the department's Chief Financial Officer to improve public reporting on the amount of total known improper payments by disclosing additional information regarding this amount and the extent to which improper payments could be occurring.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had added supplemental information to its fiscal year 2016 Agency Financial Report. We will continue to gather additional information from DOE to determine the extent to which this information addresses the amount of total known improper payments.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    2 open recommendations
    Recommendation: To help improve the implementation of GCSS-Army, the Secretary of the Army should ensure that the Under Secretary of the Army, in his capacity as the Chief Management Officer, directs the GCSS-Army Program Management Office to develop an updated schedule that fully incorporates best practices, including (1) assigning resources to all activities, (2) establishing durations of all activities, (3) confirming that the critical path is valid, and (4) ensuring reasonable total float.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: We are in the process of obtaining an updated integrated master schedule from DOD to determine if Army fully incorporated best practices. As of June 2017,Army officials told us that the integrated master schedule and revised cost estimate will not be available until December 2017. This recommendation remains open.
    Recommendation: To help improve the implementation of GCSS-Army, the Secretary of the Army should ensure that the Under Secretary of the Army, in his capacity as the Chief Management Officer, directs the GCSS-Army Program Management Office to update the cost estimate to fully incorporate best practices by documenting the results of (1) a risk and uncertainty analysis, (2) the cross-checking of major cost elements to see if results are similar, and (3) a sensitivity analysis.

    Agency: Department of Defense: Department of the Army
    Status: Open

    Comments: We are in the process of obtaining an updated cost estimate from DOD to determine if Army fully incorporated best practices. As of June 2017, Army officials told us that the integrated master schedule and revised cost estimate will not be available until December 2017. This recommendation remains open.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    2 open recommendations
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to develop and implement policies and procedures for responding to nonroutine CCIIO-related financial management information requests, including procedures for documenting the preparation process and the review and approval of the results.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) disagreed with this recommendation. HHS management indicated that it has up-to-date and clearly documented standard operating procedures (SOP) for its normal day-to-day work processes, and did not believe that non-standard data requests lend themselves to documented, standard SOPs. In May 2016, HHS indicated that its position on this issue has not changed. In June 2017, HHS indicated that its position on this issue has not changed. GAO believes the recommendation is still valid.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to identify and evaluate options to facilitate more timely and independently verifiable reporting of CCIIO-related financial management information, such as enhancing Healthcare Integrated General Ledger Accounting System's standard reporting or custom reporting capabilities.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) disagreed with this recommendation. HHS indicated that it tracks appropriations in accordance with all relevant federal laws and regulations, and that the information was complete and verifiable. Federal accounting concepts and standards concerning managerial cost accounting allow flexibility for agency managers to develop costing methods that are best suited to their operational environment. HHS indicated that would continue to evaluate options of enhancing the standard and/or custom reporting capabilities of its core financial system; the Health Integrated General Ledger System (HIGLAS). In May 2016, HHS indicated that its position on this issue has not changed. In June 2017, HHS indicated that its position on this issue has not changed. GAO believes the recommendation is still valid.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    1 open recommendations
    Recommendation: In order to ensure that the Commission receives effective oversight of its major programs and operations, the Commission IG, or the individual or entity that ultimately assumes IG oversight responsibilities for the Commission under an alternate structure, should conduct inspections that are fully in accordance with CIGIE's Quality Standards for Inspection and Evaluation and the OIG's policies and procedures.

    Agency: Denali Commission
    Status: Open

    Comments: The Denali Commissions' office's directives include policies and procedures to address planning for, conduct of, and reporting on inspections and include a section on annual planning, risk assessments, and internal and external quality control processes and procedures. In March 2017, the Denali Commission's Inspector General (IG) provided us a template, which will be used to ensure that inspections are conducted in accordance with the Council of Inspectors General on Integrity and Efficiency's (CIGIE) Quality Standards for Inspection and Evaluation and the Office of Inspector General's (OIG) policies and procedures. We have reviewed this template and concluded that it meets the intent of our recommendation. However, this template was not available in time for use during the last inspection, which was performed in 2016 and issued in March 2017. We will obtain a copy of the next inspection report once issued to ensure this latest template was used before we consider closing our recommendation. We will continue to monitor the agency's actions to address this recommendation.
    Director: Clark, Cheryl E
    Phone: (202) 512-9377

    2 open recommendations
    Recommendation: The Commissioner of Internal Revenue should direct the appropriate IRS officials to establish and implement policies and procedures requiring a review process to reasonably assure that the accounts related to deceased taxpayers are only reopened for valid refunds.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In January 2016, IRS automated the process of locking deceased taxpayer accounts during its year-end processing. However, during our fiscal year 2016 audit, we continued to find instances in which IRS employees reopened deceased taxpayer accounts and disbursed invalid refunds. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Commissioner of Internal Revenue should direct the appropriate IRS officials to establish and implement policies and procedures that require monitoring to reasonably assure that accounts related to deceased taxpayers that have been reopened are timely closed after processing the refund.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In January 2016, IRS automated the process of locking accounts related to deceased taxpayers during its year-end processing. However, during our fiscal year 2016 audit, we continued to find instances in which IRS employees reopened deceased taxpayer accounts to process refunds and did not close them timely. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    8 open recommendations
    including 8 priority recommendations
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Discovery Phase planning activities for contract pay by documenting its contract pay end-to-end process by developing the necessary flowcharts and narratives for those processes excluded from the FIP.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Discovery Phase planning activities for contract pay by assessing the materiality (i.e., dollar activity and risk factors) of its processes, systems, and controls.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Discovery Phase planning activities for contract pay by completing a memorandum of understanding with each of the components.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Discovery Phase testing activities by validating the completeness and accuracy of the populations of transactions used to perform testing.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Discovery Phase testing activities by documenting and executing an audit strategy or plan for application-level testing of system controls.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Discovery Phase testing activities by coordinating with the components to classify all identified deficiencies as control deficiencies, significant deficiencies, and material weaknesses.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Corrective Action Phase activities by assessing the population of implemented corrective action plans to determine whether the deficiencies we found in our nongeneralizable sample of DFAS's corrective action plans are more wide spread in the population.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Recommendation: To ensure that DFAS is able to obtain the necessary assurance that its contract pay end-to-end process can produce, maintain, and sustain accurate, complete, and timely information in support of the components' and DOD-wide financial improvement and audit readiness efforts, the Under Secretary of Defense (Comptroller)/Chief Financial Officer should direct the Director of the Defense Finance and Accounting Service to address deficiencies in its Corrective Action Phase activities by revising its FIAR status reports to accurately reflect the current status of its audit readiness efforts.

    Agency: Department of Defense: Office of the Under Secretary of Defense (Comptroller)/Chief Financial Officer
    Status: Open
    Priority recommendation

    Comments: This recommendation remains open. On July 14, 2016, and August 10, 2016, we met with DFAS and Office of the Undersecretary of Defense (Comptroller) officials to discuss the status of the recommendations for this report, clarify the documentation DFAS provided so far and additional documentation needed to address this recommendation. In addition, we spoke with DFAS officials on September 20, 2016, to clarify additional questions they had on our documentation needs. As of October 2016, DFAS officials told us that they were still working on improvements to their process documentation and controls in the contract pay area. DFAS recently provided documentation to support its actions related to this recommendation and we will continue to review relevant documentation and monitor the actions taken by DFAS.
    Director: Gary Engel
    Phone: (202) 512-3406

    2 open recommendations
    including 2 priority recommendations
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB, to establish and implement policies and procedures for accounting for and reporting all significant General Fund activity and balances, obtaining assurance on the reliability of the amounts, and reconciling the activity and balances between the General Fund and federal entities.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury has established the General Fund as a federal reporting entity. In fiscal year 2017, the focus will be on preparing for the first financial audit of the General Fund. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB, to establish a formalized process to require the performance of additional audit procedures specifically focused on intragovernmental activity and balances between federal entities to provide increased audit assurance over the reliability of such information.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. As a result of multiple initiatives over the past few years, Treasury and OMB have seen a significant decrease in elimination differences of intragovernmental data submitted by federal entities. Therefore, Treasury and OMB have determined at this time there is not a justified need for the additional cost and burden on federal entities to implement additional audit procedures specifically focused on intragovernmental activity and balances. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    6 open recommendations
    Recommendation: To improve the Army's implementation of the FIAR Guidance for its General Fund SBR FIP for budget execution and facilitate remaining efforts to achieve SBR auditability, the Assistant Secretary of the Army, Financial Management and Comptroller should identify activity attributable to assessable units associated with service provider systems and business processes having a significant impact on the Army's SBR.

    Agency: Department of Defense: Department of the Army: Office of the Assistant Secretary for Financial Management and Comptroller
    Status: Open

    Comments: The Army concurred with this recommendation. In March 2015, Army officials indicated that the Army leveraged object class codes in its enterprise resource planning (ERP) systems to stratify business processes that have a significant impact on the Schedule of Budgetary Activity for fiscal year 2015 activity. The Army provided documentation supporting this effort; however, this documentation did not identify all activity attributable to assessable units associated with service provider systems and business processes having a significant impact on the Army's Statement of Budgetary Resources. In August 2016, we requested additional information from the Army. In November 2016, an Army representative indicated that the estimated timing for completing efforts to address this recommendation was the second quarter of 2017. We requested updates on the status of efforts to address this recommendation and as of August 2017, we have not received such an update.
    Recommendation: To improve the Army's implementation of the FIAR Guidance for its General Fund SBR FIP for budget execution and facilitate remaining efforts to achieve SBR auditability, the Assistant Secretary of the Army, Financial Management and Comptroller should coordinate efforts with service providers to obtain and document within memorandum of understanding memorandums of understanding a shared understanding of roles and responsibilities for processing Army data.

    Agency: Department of Defense: Department of the Army: Office of the Assistant Secretary for Financial Management and Comptroller
    Status: Open

    Comments: The Army concurred with this recommendation. The Army established a Mission Work Agreement (MWA) with Defense Finance and Accounting Service (DFAS), its most significant service provider, and documented concept of operations (CONOPS) regarding various business processes, such as civilian pay and Fund Balance with Treasury. However, the MWA and CONOPS did not include sufficient detail required to adequately understand roles and responsibilities for processing and reporting the Army's financial data. In January 2016, the Army indicated that it was developing a corrective action plan to formalize policies, procedures, and processes to assess third party providers that host or manage the Army's financial systems and data and will use this assessment to clarify its understanding of shared roles and responsibilities for processing Army data. According to the Army, this effort is expected to be completed the first quarter of fiscal year 2017. In August 2017 we requested an update on the status of efforts to address this recommendation from the Army point of contact.
    Recommendation: To improve the Army's implementation of the FIAR Guidance for its General Fund SBR FIP for budget execution and facilitate remaining efforts to achieve SBR auditability, the Assistant Secretary of the Army, Financial Management and Comptroller should completely and accurately document the linkage of financial reporting objectives to control activities.

    Agency: Department of Defense: Department of the Army: Office of the Assistant Secretary for Financial Management and Comptroller
    Status: Open

    Comments: The Army concurred with this recommendation. In June 2015, Army officials indicated that the Army's four financial reporting objectives (FROs) have not yet been linked to control activities. Army officials stated that the Army is continuing to analyze collection, disbursement, and Fund Balance with Treasury processes and anticipates linking these FROs to control activities based on these efforts. We requested updates on the status of efforts to address this recommendation and as of August 2017, we have not received such an update.
    Recommendation: To improve the Army's implementation of the FIAR Guidance for its General Fund SBR FIP for budget execution and facilitate remaining efforts to achieve SBR auditability, the Assistant Secretary of the Army, Financial Management and Comptroller should document criteria and processes for identifying key information technology systems that have a significant impact on the Army's SBR audit readiness.

    Agency: Department of Defense: Department of the Army: Office of the Assistant Secretary for Financial Management and Comptroller
    Status: Open

    Comments: The Army concurred with this recommendation. In March 2015, Army officials indicated that the Army was in the process of identifying IT systems with a significant impact on the Army's Statement of Budgetary Resources (SBR) audit readiness. Furthermore, Army officials stated that for the fiscal year 2015 Schedule of Budgetary Activity Audit, the independent public accountant was conducting walkthroughs and assessing information technology systems for significant impact on Army's SBR audit readiness. In August 2016, we requested an update on the status of efforts to address this recommendation. In November 2016, an Army representative indicated that efforts were completed and a list of the criteria and processes would be provided to us. Subsequently, we requested a status update and as of August 2017, we have not received such an update.
    Recommendation: To improve the Army's implementation of the FIAR Guidance for its General Fund SBR FIP for budget execution and facilitate remaining efforts to achieve SBR auditability, the Assistant Secretary of the Army, Financial Management and Comptroller should obtain and assess the results of service provider SSAE No. 16 examinations upon completion to determine the adequacy of internal controls and document complete end-to-end business processes.

    Agency: Department of Defense: Department of the Army: Office of the Assistant Secretary for Financial Management and Comptroller
    Status: Open

    Comments: The Army concurred with this recommendation. As of January 2016, Army officials indicated that the Army continued to assess SSAE 16 reports including complimentary controls and incorporating end-to-end business processes as applicable. According to the Army, the estimated completion date for these efforts was the fourth quarter of fiscal year 2016, which in November 2016, was revised to the second quarter of fiscal year 2017. We requested updates on the status of efforts to address this recommendation and as of August 2017, we have not received such an update.
    Recommendation: To improve the Army's implementation of the FIAR Guidance for its General Fund SBR FIP for budget execution and facilitate remaining efforts to achieve SBR auditability, the Assistant Secretary of the Army, Financial Management and Comptroller should correct significant deficiencies or material weaknesses identified before asserting audit readiness and engaging an IPA to validate the assertion.

    Agency: Department of Defense: Department of the Army: Office of the Assistant Secretary for Financial Management and Comptroller
    Status: Open

    Comments: The Army concurred with this recommendation. In March 2015, Army officials indicated that the Army was still working to resolve identified significant deficiencies and material weaknesses. In January 2016, Army officials indicated that the Army was assessing findings from an Independent Public Accountant in connection with its audit of Army's fiscal year 2015 Schedule of Budgetary Activity to identify deficiencies identified during previous audit readiness efforts. Repeat findings were incorporated into corrective action plans (CAP). According to the Army's January 8, 2016 CAP status report, estimated completion dates for addressing most of the findings identified were not yet determined. Since August 2016, we have requested updates on the status of efforts to address this recommendation and as of August 2017, we have not received such an update.
    Director: Malenich, J Lawrence
    Phone: (202) 512-3406

    2 open recommendations
    Recommendation: The CFPB should direct the Chief Financial Officer to design and implement control procedures that require coordination between the Office of Procurement and other program offices at the time of capitalization to ensure that property and equipment costs, including costs associated with internal-use software, are properly capitalized or expensed as appropriate.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: Although CFPB took actions to attempt to address this recommendation, as of September 30, 2016, it was still in the process of implementing additional corrective actions. In addition, our fiscal year 2016 audit continued to identify deficiencies over the recording of property, equipment, and software costs. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Recommendation: The CFPB should direct the Chief Financial Officer to strengthen the design and implementation of control procedures to require, as part of the Office of the Chief Financial Officer's quarterly review procedures, review of underlying supporting documents, including tracking schedules, invoices, and obligating documents, to ensure that property and equipment transactions are properly identified and capitalized or expensed as appropriate.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: As of September 30, 2016, we continued to find that the Office of the Chief Financial Officer's review was not always effective in timely detecting and correcting classification errors between costs that should be capitalized and costs that should be expensed. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Director: Davis, Beryl H
    Phone: (202) 512-2623

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To proactively prepare for oversight of future disaster relief funding, the Director of OMB should develop standard guidance for federal agencies to use in designing internal control plans for disaster relief funding. Such guidance could leverage existing internal control review processes and should include, at a minimum, the following elements: (1) robust criteria for identifying and documenting incremental risks and mitigating controls related to the funding and (2) requirements for documenting the linkage between the incremental risks related to disaster funding and efforts to address known internal control risks.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: To address the recommendation, OMB should issue guidance on internal control for disaster relief funding, including criteria for identifying additional risks and mitigating controls related to the funding and a requirement to link these incremental risks to ongoing efforts to address known internal control risks. On July 15, 2016, OMB issued the revised Circular No. A-123, Management's Responsibility for Enterprise Risk Management and Internal Control. The Circular requires agencies to implement enterprise risk management, which includes the development of a risk profile that analyzes the risks faced in achieving strategic objectives and identifies options for addressing them. In April 2017, OMB staff stated that they believe that the implementation of enterprise risk management through Circular No. A-123 satisfies the intent our recommendation. Because the responsibility for implementing enterprise risk management lies with agency management, Circular No. A-123 does not include specific guidance for identifying risks related to disaster funding. Further discussion and documentation to support OMB's position that the revised Circular addresses our recommendation will be necessary.
    Director: Clark, Cheryl E
    Phone: (202) 512-9377

    3 open recommendations
    Recommendation: The Commission should direct the appropriate officials to establish and implement written policies and procedures requiring timely and continuous supervisory review of all financial transactions.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: In the Commission's fiscal year 2016 Independent Auditor's Report, the auditor reported that the Commission resolved the material weakness related to not effectively reviewing financial transactions to ensure that they were accurate, valid, complete, and recorded in the appropriate accounting period. We contacted the agency to ask for further information on the policy and process for supervisory review of financial transactions, but no response was received within the established deadline for us to conduct our follow up. Therefore, because we were not able to verify that related policies and procedures were established and implemented, we will follow up on this open recommendation at a later date.
    Recommendation: To improve its monitoring of internal control, the Commission should direct the appropriate officials to establish and implement written policies and procedures for planning and conducting the Commission's annual assessment of internal control over financial reporting as required by OMB A-123. The policies and procedures should include; (1) documenting an understanding of its internal control environment, which entails such elements as the tone at the top, ethical standards, and personnel management, which can have a significant effect on how the organization functions and the integrity of its financial accounting and reporting; (2) documenting its assessment of the risk of material misstatement to its financial statements; (3) establishing and documenting its internal control objectives and related internal control activities in place to meet those objectives; (4) documenting the tests to be performed and the results of each test, clearly identifying exceptions and resulting deficiencies; and (5) establishing a corrective action plan for all identified deficiencies that specifies how and when each deficiency will be corrected, and assigning responsibility for its effective and timely resolution.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: In the Commission's fiscal year 2016 Independent Auditor's Report, the auditor continued to report that the Commission did not have an adequate process for monitoring the design and operating effectiveness of its internal control to identify, evaluate, and correct internal control deficiencies. For example, the Commission did not document its OMB A-123 approach for assessing its internal control, or provide sufficient, appropriate evidence to support its conclusions on the effectiveness of its internal control activities. The Commission responded that it will continue to implement an enterprise-wide system of controls and monitor and report on those controls in compliance with FMFIA. During fiscal year 2017, the Commission informed us that they issued a related policy, however, their independent auditor continues to identify this area as a material weakness. Therefore, we will follow up on this open recommendation at a later date.
    Recommendation: To improve its monitoring of internal control, the Commission should direct the appropriate officials to establish and implement written policies and procedures for monitoring the activities of the external service organizations that perform significant aspects of the Commission's financial transaction processing and reporting, including implementing relevant complementary user entity controls identified by the service auditors.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: In the Commission's fiscal year 2015 Independent Auditor's Report, the auditor continued to report that the Commission did not adequately document and monitor the effectiveness of internal controls at the service organizations that performed significant aspects of its financial transaction processing and reporting, including processing its federal employee payroll transactions, reconciling its fund balance with Treasury, and preparing its annual financial statements. Specifically, ABMC did not evaluate the service organizations' service auditor reports that contained information on the service organizations' controls and the effectiveness of those controls, and did not consider the impact of the findings and conclusions contained in the service auditor reports on the effectiveness of its internal control. Further, ABMC did not design and implement appropriate complementary user entity controls that were identified by the service auditors. The Commission stated that it will continue to implement an enterprise-wide system of controls and monitor and report on those controls in compliance with FMFIA during fiscal year 2017. Therefore, we will follow up on this open recommendation at a later date.
    Director: Kohn, Linda T
    Phone: (202) 512-7114

    1 open recommendations
    Recommendation: To help address the uncertainty NIH faces, related to the potential impact of increasing indirect costs on its funding of future research, the Director of NIH should assess the impact of growth in indirect costs on its research mission, including, as necessary, planning for how to deal with potential future increases in indirect costs that could limit the amount of funding available for total research, including the direct costs of research projects.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health
    Status: Open

    Comments: As of July 7, 2015, NIH provided some information indicating that it had taken action to address our recommendation by tracking the size of indirect costs as a proportion of NIH's overall budget as part of the agency's annual budget planning process and risk assessment program. However, we determined that the actions did not fully address the recommendation because they focus on the agency's overall budget and do not assess the potential ongoing impact of indirect costs for universities on its mission. As of August 2017, NIH officials have not informed us of any additional actions taken to implement this recommendation. We will update the status of this recommendation when we receive additional information.
    Director: Gootnick, David B
    Phone: (202) 512-3149

    2 open recommendations
    Recommendation: In order to improve the ability of the U.S. agencies participating in the Joint Economic Management Committee (JEMCO) and Joint Economic Management and Financial Accountability Committee (JEMFAC) to conduct required oversight of compact funds, the Secretary of the Interior should direct the Director of Insular Affairs, as Chairman of JEMCO, to coordinate with other JEMCO-member U.S. agencies to have JEMCO take all necessary steps, or, as the administrator of compact grants, to directly take all necessary steps, to ensure that the FSM (1) completes satisfactory plans to address annual decrements in compact funds, (2) produces reliable indicator data used to track progress in education and health, and (3) addresses all single audit findings in a timely manner.

    Agency: Department of the Interior
    Status: Open

    Comments: JEMCO accepted decrement plans from the FSM which addressed one element of the recommendation. However, as of June 16th, 2017 the other parts of the recommendation have not been addressed.
    Recommendation: In order to improve the ability of the U.S. agencies participating in the JEMCO and JEMFAC committees to conduct required oversight of compact funds, the Secretary of the Interior should direct the Director of Insular Affairs, as Chairman of the JEMFAC, to coordinate with other JEMFAC-member U.S. agencies to have JEMFAC take all necessary steps, or, as the administrator of compact grants, to directly take all necessary steps, to ensure that the RMI (1) completes satisfactory plans to address annual decrements in compact funds, (2) produces reliable indicator data used to track progress in education and health, and (3) addresses all single audit findings in a timely manner.

    Agency: Department of the Interior
    Status: Open

    Comments: JEMFAC accepted decrement plans from the RMI, which addressed one element of the recommendation. However, as of June 16th, 2017 the other parts of the recommendation have not been addressed.
    Director: Pickup, Sharon L
    Phone: (202) 512-9619

    2 open recommendations
    Recommendation: To improve decision makers' abilities to make fully informed decisions concerning whether training requirements can be met with live and simulation-based training and determine optimal mixes of live and simulation-based training, the Secretary of Defense should direct the Secretary of the Army and the Commandant of the Marine Corps to develop outcome-oriented performance metrics that can be used to assess the impact of simulation-based training on improving the performance or proficiency of servicemembers and units.

    Agency: Department of Defense
    Status: Open

    Comments: As of 18 Aug 2014, the Army and Marine Corps actions for this recommendation are currently ongoing and the recommendation status currently remains open. On 14 June 2014, the DOD Inspector General reported in the Defense Audit Management Information System that "the Office of the Deputy Assistant Secretary of Defense(Readiness) developed a decision algorithm to determine which military tasks could be taught virtually and which military tasks should only be taught in classroom or field environments (i.e., live). The algorithm was provided to the Services for peer-review and possible implementation. The Army is reviewing its progressive training models through a process called Training Summit IV (TS IV). These models establish how virtual and constructive based training is integrated with live training to optimize training readiness. The TS IV will include training model review by proponent schools, as well as a cross-section of unit commanders and leaders. This effort will be completed in Fiscal Year (FY) 2014 and presented for validation and G-3/5/7 approval at the Army Training General Officer Steering Committee in November 2014. Also, the Marine Corps initiated a request for an internal servicewide study of existing and potential approaches to this topic (4th Quarter FY 2013). The initial focus is in determining how metrics can be better used to assess the impact of simulation based on meeting Marine Corps Training Standards. Furthermore, a targeted study began in the 1st Quarter FY 2014 and is focused initially on enhancing the methodology for assessing individual based simulators against Training and Readiness (T&R) Standards. In FY 2015, the study results will shape policy on how future T&R manuals will identify the appropriateness of simulators and simulations for training."
    Recommendation: To improve decision makers' abilities to make fully informed decisions concerning whether training requirements can be met with live and simulation-based training and determine optimal mixes of live and simulation-based training, the Secretary of Defense should direct the Secretary of the Army and the Commandant of the Marine Corps to develop a methodology--to include identifying the costs that should be included and how these costs should be captured--for comparing the costs associated with the use of live and simulation-based training.

    Agency: Department of Defense
    Status: Open

    Comments: As of 18 Aug 2014, the Army and Marine Corps actions for this recommendation are currently ongoing and the recommendation status currently remains open. On 14 June 2014, the DOD Inspector General reported in the Defense Audit Management Information System that "the Office of the Deputy Assistant Secretary of Defense (Readiness) has coordinated with the Army and Marine Corps to identify standard approaches to capture costs and cost benefit analysis that could be used DoD-wide. The Army has undertaken a "cost of training" analysis that is an on-going action to determine cost of readiness and/or training. One area of concentration is to look at the "Other Burdened Resources Required for Training Readiness." This area is further broken down into two areas: Investment/Modernization and Installation Services. The Investment/Modernization area will look at Non-System Training Aids, Devices, Simulators and Simulations while Installation Services will look at Post Deployment Software Support. In addition, the Army is gathering data to validate an existing model developed by the Simulations to Mission Command Interoperability Director (Program Executive Office for Simulation, Training, and Instrumentation) for the Value of Simulation Study consisting of five phases: Phase one focused on development of a working methodology to assess both quantitative and qualitative value of simulations used to support collective training (completed). Phase two is currently gathering data for model validation. Phase three will be an expansion to other simulation capabilities. Phase four is data gathering and validation. Phase five is expanded testing/methodology use case study/validation for return on investment use. The Marine Corps established a study, described in response to Recommendation 1, which will evaluate and propose the initial cost factors not currently captured during Programming yet would be relevant in determining the appropriate mix of live and simulated training. The initial results are expected in FY 2015."
    Director: White, James R
    Phone: (202) 512-9110

    1 open recommendations
    Recommendation: To ensure that IRS is meeting the stated goals of CAP, the Principal Deputy Commissioner of Internal Revenue and Deputy Commissioner for Services and Enforcement should track savings from Compliance Maintenance and CAP overall and develop a plan for reinvesting any savings.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of March 2017, IRS had taken some steps to implement this recommendation, but is not fully tracking the amount of dollar savings from using CAP nor developing a plan to reinvest any savings, as GAO recommended in August 2013. IRS is tracking savings by analyzing and comparing the workload inventory of account coordinators who handle CAP cases against team coordinators who handle non-CAP cases. This caseload comparison is a part of IRS's annual CAP evaluation and was included in its June 2014 CAP evaluation plan. Based on GAO's review of the evaluation plan and results, IRS's caseload comparison did not show the amount of dollar savings from CAP. The comparison for tax years 2010 through 2012 showed that account coordinators handling CAP cases exclusively or in conjunction with non-CAP cases have a larger caseload than team coordinators handling non-CAP cases. In addition, IRS has not developed a plan for reinvesting any savings, as GAO recommended in August 2013. Such a plan could help IRS increase audit coverage. IRS stated that it cannot measure the CAP's impact on audit coverage because audit coverage is based on staffing and compliance priorities. Also, IRS said that while quantifying monetary savings would be difficult, it has reinvested its savings by expanding account coordinators' caseloads as shown in the average caseload of CAP and non-CAP cases worked. However, without a plan for tracking savings and using them to increase audit coverage, IRS cannot be assured that the savings are effectively invested in either CAP or non-CAP taxpayers with a high compliance risk. IRS is evaluating the CAP program to determine how it fits with IRS's future vision for examinations. It has no timetable for completing this evaluation. IRS did not accept new CAP applications for 2016, deciding that CAP would be limited to taxpayers who are in the program for 2017.
    Director: Khan, Asif A
    Phone: (202) 512-9869

    2 open recommendations
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense, in his capacity as the Chief Management Officer and in consultation with the Under Secretary of Defense (Comptroller), to design and implement department-level policies and detailed procedures for FIAR Plan risk management that incorporate the five guiding principles for effective risk management. The following are examples of key features of each of the guiding principles that DOD should, at a minimum, address in its policies and procedures. (1) Identify risks. Generate a comprehensive and continuously updated list of risks that includes the root cause of each risk, audit area(s) each risk will affect, and the potential consequences if a risk is not effectively mitigated. (2) Analyze risks. Consult with key stakeholders, including program managers; use analytical techniques, such as risk categorization, risk urgency assessment, or sensitivity analysis; and determine the impact of the identified risks on individual DOD components' abilities to achieve audit readiness. (3) Plan for risk mitigation. Assign responsibility or ownership of the risk mitigation actions, define roles and responsibilities in executing mitigation plans, establish deadlines or milestones for individual mitigation actions, and estimate resource needs. (4) Implement risk mitigation plan. Document the implementation of mitigation actions, develop appropriate metrics that allow for tracking of progress, and validate reported metrics. (5) Monitor risks. Track identified risks and assess the effectiveness of implemented mitigation actions on a continuous basis, including identifying and planning for new risks.

    Agency: Department of Defense
    Status: Open

    Comments: DOD partially concurred with our recommendation. While DOD did concur with our assessment that they did not have a risk management policy and procedures related to implementing the FIAR guidance. They did not concur with our assessment of the overall environment of DOD's risk management of the FIAR initiative. DOD has taken steps to address our recommendation including implementing an NFR tracker and standard operating procedures designed to track DOD component material weaknesses. DOD has also documented a critical path and milestones in Appendix F of their FIAR Guidance; military component tasks and milestones in appendix G of the FIAR Guidance; and audit readiness deal breakers, now referred to as critical capabilities. However, while these are positive actions, they do not address our recommendation for DOD to implement risk management policies and procedures for FIAR implementation. Further, DOD has not provided GAO with evidence of planned actions it summarized in its agency comments. Specifically, DOD has not provided documentation related to (1) improving risk management documentation, (2) reinstating the DOD probability and impact matrix, and (3) re-evaluation of metrics to monitor progress and risk of audit readiness. Lastly, DOD's tracking of military component material weaknesses does not identify risks to audit readiness, or the agencies capabilities to manage risks to audit readiness. According to the May 2017 FIAR Status Update for the HASC Panel Recommendations, DOD has reinforced the importance of internal controls over areas of significant risk by updating the FIAR Guidance with a new chapter dedicated to internal controls. DOD has also changed how they respond to recommendation follow-up by way of the Washington Headquarters Service (WHS). We are currently waiting for a POC to be assigned. We will continue to evaluate the status of actions to address this recommendation.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense, in his capacity as the Chief Management Officer and in consultation with the Under Secretary of Defense (Comptroller), to consider and incorporate, as appropriate, the Navy's and DLA's risk management practices in department-level policies and procedures.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has changed how they respond to recommendation follow-up by way of the Washington Headquarters Service (WHS). We are currently waiting for a POC to be assigned. We will continue to evaluate the status of actions to address this recommendation.
    Director: St James, Lorelei
    Phone: (202) 512-2834

    4 open recommendations
    Recommendation: A key matter for Congress to consider is whether or not to move forward with a USPS health plan that would result in an increase in retirees' use of Medicare. If Congress decides to approve this proposal, then Congress should also weigh the impact on other issues, including safeguards for all USPS health plan fund assets by placing appropriate constraints on their asset allocations, such as limiting investments to Treasury securities and inflation-indexed Treasury securities or, if Congress chooses to permit investments in non-Treasury securities, constraints on the discount rate for prefunding purposes so as not to anticipate returns on risk-bearing assets in excess of those on Treasury securities before such returns have actually been achieved.

    Agency: Congress
    Status: Open

    Comments: As of May 2017, Congress had not enacted legislation that would create a U.S. Postal Service health plan that would result in an increase in retirees' use of Medicare. Therefore, Congress had not fully addressed the impact of safeguards for all USPS health plan fund assets by placing appropriate constraints on their asset allocations. In September 2015, S.2051: Improving Postal Operations, Service, and Transparency Act of 2015 was introduced to the to the U.S. Senate Committee on Homeland Security and Governmental Affairs. The bill requires all Medicare-eligible postal annuitants and employees enrolled in a U.S. Postal Service health plan to also enroll in Medicare, including parts A, B and D. This bill, however, has not yet been approved by the Senate Committee on Homeland Security and Governmental Affairs.
    Recommendation: A key matter for Congress to consider is whether or not to move forward with a USPS health plan that would result in an increase in retirees' use of Medicare. If Congress decides to approve this proposal, then Congress should also weigh the impact on other issues, including standards for the disposition of any surplus health plan assets that reduce the risk of a new unfunded liability emerging in the future, standards such as amortizing any surplus to mirror the amortization of any unfunded liability, or using any surplus to offset normal cost payments.

    Agency: Congress
    Status: Open

    Comments: As of May 2017, Congress had not enacted legislation that would create a U.S. Postal Service health plan that would result in an increase in retirees' use of Medicare. Consequently, Congress has not fully addressed the issue of standards for the disposition of any surplus health plan assets that reduce the risk of a new unfunded liability emerging in the future, such as amortizing any surplus to mirror the amortization of any unfunded liability, or using any surplus to offset normal cost payments.
    Recommendation: A key matter for Congress to consider is whether or not to move forward with a USPS health plan that would result in an increase in retirees' use of Medicare. If Congress decides to approve this proposal, then Congress should also weigh the impact on other issues, including designation or creation of an independent entity responsible for the selection of actuarial assumptions used to annually determine the funded status of USPS's health plan for purposes of determining prefunding payments.

    Agency: Congress
    Status: Open

    Comments: As of May 2017, Congress had not enacted legislation that would create a U.S. Postal Service health plan that would result in an increase in retirees' use of Medicare. Consequently, Congress has not fully addressed the designation or creation of an independent entity responsible for the selection of actuarial assumptions used to annually determine the funded status of USPS's health plan for purposes of determining prefunding payments.
    Recommendation: A key matter for Congress to consider is whether or not to move forward with a USPS health plan that would result in an increase in retirees' use of Medicare. If Congress decides to approve this proposal, then Congress should also weigh the impact on other issues, including protections for postal employees and retirees that are comparable to those under FEHBP, including a formula for USPS retirees' contribution to the costs of their health coverage.

    Agency: Congress
    Status: Open

    Comments: As of May 2017, Congress had not enacted legislation that would create a U.S. Postal Service health plan that would result in an increase in retirees' use of Medicare. Consequently, Congress has not fully addressed the issue of protections for postal employees and retirees that are comparable to those under FEHBP, including a formula for USPS retirees' contribution to the costs of their health coverage.
    Director: Trimble, David C
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To help improve its ability to oversee M&O contractor costs, including indirect costs, for its laboratories and make more effective use of DOE and contractor resources, the Secretary of Energy should take--or, as appropriate, direct the Administrator of NNSA to incorporate more specific benchmarking requirements into future laboratory contracts--similar to the benchmarking requirements used by DOE to assess and manage pension and post-retirement benefit costs--including which costs should be benchmarked, how frequently benchmarking should occur, and what process should be used to ensure corrective actions are taken, as needed.

    Agency: Department of Energy
    Status: Open

    Comments: In April 2017, the Director of NNSA Office of Policy issued guidance to NNSA Laboratory Field Office Managers to update contracts to include a new clause requiring laboratory contractors to submit a strategic plan every year in accordance with guidance. Part of the annual plan requires contractors to discuss the costs of doing business and cost-increase factors at the sites, including overhead dollars. The annual strategic plan is due to the NNSA Office of Policy by August 15 each year. This plan is expected to allow NNSA to conduct the benchmarking activities recommended by our report, which can then be considered in current and future laboratory contracts.
    Director: Engel, Gary T
    Phone: (202)512-8815

    2 open recommendations
    including 2 priority recommendations
    Recommendation: To improve the reliability of the information presented in the CFS budget statements, the Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish and implement effective procedures for reporting amounts in the CFS budget statements that are fully consistent with the underlying information in significant federal entities' audited financial statements and other financial data.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury partnered with the Federal Accounting Standards Advisory Board (FASAB) to develop a Statement of Federal Financial Accounting Standards exposure draft that identifies items needed to reconcile net cost to outlays at the entity level, with a focus on demonstrating consistency with significant entities' audited financial statements. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: To improve the reliability of the information presented in the CFS budget statements, the Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish and implement effective procedures for identifying and reporting all items needed to prepare the CFS budget statements.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury has improved its process for preparing the budget statements over the past three years and is continuing to do so. For example, Treasury has developed a reconciliation process to ensure that all cash related amounts reconcile on a monthly basis. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Czerwinski, Stanley J
    Phone: (202) 512-6806

    3 open recommendations
    including 3 priority recommendations
    Recommendation: The Director of OMB should, in collaboration with the members of COFAR, develop and make publicly available an implementation schedule that includes performance targets, goal leaders who can be held accountable for each goal, and mechanisms to monitor, evaluate, and report on results.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: In January 2017, GAO reported that although COFAR had released its updated priorities for Fiscal Years 2016 through 2017, it had not released to the public an implementation schedule that included key elements such as performance targets, mechanisms to monitor, evaluate, and report on progress made toward its stated priorities. For this reason, this recommendation remains open.
    Recommendation: The Director of OMB should, in collaboration with the members of COFAR, clarify the roles and responsibilities for various streamlining initiatives and steps for decision making, in particular how COFAR will engage with relevant grant-making agency stakeholders and utilize agency resources.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: In January 2017, GAO reported that although COFAR had released its updated priorities for Fiscal Years 2016 through 2017, the document did not provide clarification on roles and responsibilities for its members. For this reason, this recommendation remains open.
    Recommendation: The Director of OMB should, in collaboration with the members of COFAR, improve efforts to develop an effective two-way communication strategy that includes the grant recipient community, smaller grantmaking agencies that are not members of COFAR, and other entities involved with grants management policy.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: In January 2017, GAO reported that although COFAR had released its updated priorities for Fiscal Years 2016 through 2017, the document did not provide a detailed communication strategy for the grant recipient community. For this reason, this recommendation remains open.
    Director: Clark, Cheryl E
    Phone: (202)512-9377

    3 open recommendations
    Recommendation: The Acting Commissioner of Internal Revenue should direct the appropriate IRS officials to perform a risk assessment to determine the appropriate level of Integrated Data Retrieval System (IDRS) access that should be granted to employee groups that handle hard-copy taxpayer receipts and related sensitive taxpayer information as part of their job responsibilities.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: According to IRS, a risk assessment was performed to determine the appropriate level of IDRS access that should be granted to employee groups that handle hard-copy taxpayer receipts and related sensitive taxpayer information as part of their job responsibilities. However, during our fiscal year 2016 audit, we identified a group of employees at an SCC who handle hard-copy taxpayer receipts and related sensitive taxpayer information and can make adjustments to taxpayer accounts. Based on the information obtained, it is unclear whether the risks associated with these employees were considered in a risk assessment. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Acting Commissioner of Internal Revenue should direct the appropriate IRS officials to, based on the results of the risk assessment, update the Internal Revenue Manual (IRM) accordingly to specify the appropriate level of IDRS access that should be allowed for (1) remittance perfection technicians and (2) all other employee groups with IDRS access that handle hard-copy taxpayer receipts and related sensitive information as part of their job responsibilities.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As a result of its risk assessment efforts thus far, IRS updated the IRM to restrict the use of certain IDRS command codes for remittance perfection technicians. In addition, in May 2016, IRS reassessed the risks at its TACs, including the specific risks and mitigating factors associated with allowing TAC employees to process taxpayer remittances and to adjust taxpayer accounts. However, IRS did not update the IRM to reflect the conclusions from the risk assessment related to TAC employees. Further, during our fiscal year 2016 audit, we identified a group of employees at an SCC who handle hard-copy taxpayer receipts and related sensitive taxpayer information and can make adjustments to taxpayer accounts. Based on the information obtained, it is unclear whether the risks associated with these employees were considered in a risk assessment. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Recommendation: The Acting Commissioner of Internal Revenue should direct the appropriate IRS officials to establish procedures to implement the updated IRM, including required steps to follow to prevent (1) remittance perfection technicians and (2) all other employee groups that handle hard-copy taxpayer receipts and related sensitive information as part of their job responsibilities from gaining access to command codes not required as part of their designated job duties.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As a result of its risk assessment efforts thus far, IRS updated the IRM to include procedures to restrict the use of certain IDRS command codes for remittance perfection technicians. However, the IRM has not been updated based on the results of the risk assessment related to TAC employees and, if applicable, other employees who have access to sensitive command codes and handle hard-copy taxpayer receipts and related sensitive information as part of their job duties. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Director: Khan, Asif A
    Phone: (202)512-9869

    9 open recommendations
    including 9 priority recommendations
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to estimating improper payments, to establish and implement key quality assurance procedures, such as reconciliations, to ensure the completeness and accuracy of the sampled populations.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense (DOD), in concurring with this recommendation, stated that the Department will work with the Defense Finance and Accounting Service (DFAS) to implement key quality assurance procedures, such as reconciliations, to ensure the completeness and accuracy of sampled populations. In June 2016, DOD officials stated that while the department is moving toward full auditability of its financial statements, the capability to ensure the completeness and accuracy of the sampled populations is still under development. As of August 31, 2017, DOD's efforts in this area were ongoing.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to estimating improper payments, to revise the procedures documented in DOD's sampling methodologies so that they (1) are in accordance with OMB guidance and generally accepted statistical standards and (2) produce statistically valid improper payment error rates, statistically valid improper payment dollar estimates, and appropriate confidence intervals for both. At a minimum, such procedures should take into account the size and complexity of the transactions being sampled.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense (DOD) partially concurred with this recommendation, stating that sampling methodologies would be reviewed for all payment types and would be modified as appropriate to produce valid improper payment estimates and appropriate confidence intervals for them. In its May 2016 FIAR Plan Status Report, DOD officials stated that the department is reviewing the methodologies associated with identifying improper payments for seven improper payment programs, and if warranted, will change their sampling plans (methodologies). These seven programs are: Defense Finance and Accounting Service's Military Pay, Civilian Pay, Military Retirement, and Travel Pay; U.S. Corps of Engineers' Commercial Pay and Travel Pay; and Navy ERP commercial payments. In June 2016, DOD officials stated that the Office of the Under Secretary of Defense (Comptroller) will continue to coordinate with those DOD components currently using simple random sample designs, to develop methodologies that are stratified by an appropriate variable, such as an invoice or payment amount based on appropriate confidence intervals. As of August 31, 2017, this recommendation was still open.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to identifying programs susceptible to significant improper payments, to conduct a risk assessment that is in compliance with IPERA.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense (DOD), in concurring with this recommendation, stated that it would work collaboratively with the applicable Defense components to develop a framework to conduct a risk assessment that is in compliance with the Improper Payments Elimination and Recovery Act (IPERA). Risk assessments for six DOD programs (military health benefits, military pay, civilian pay, Defense Finance and Accounting Service (DFAS) travel pay, retiree & annuitant pay, and DFAS commercial pay) complied with IPERA requirements based on documentation provided to support them. However, based on our review of documentation provided by the U.S. Army Corps of Engineers (USACE), risk assessments for the two programs it administers (USACE travel pay and USACE commercial pay) have not been performed. DOD officials stated that the risk assessment documentation for the two USACE programs is under development. In October 2016, DOD issued a remediation plan for travel pay improper payments and recovery. As of August 31 2017, this recommendation was still open.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to reducing improper payments, to establish procedures that produce corrective action plans that comply fully with IPERA and OMB implementation guidance, including at a minimum, holding individuals responsible for implementing corrective actions and monitoring the status of the corrective actions.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense, in concurring with this recommendation, stated that it would work collaboratively with applicable components to establish procedures that produce corrective action plans that fully comply with the Improper Payment Elimination and Recovery Act and Office of Management and Budget (OMB) guidance. According to DOD officials, these established procedures will include individual accountability for implementing corrective actions and monitoring the status of corrective actions. As of June 2016, DOD officials told us that department enters corrective actions plans associated with audit findings into a notice of findings and recommendations (NFR) database developed to track their status and progress. The database was deployed in May 2016. According to DOD's fiscal year 2015 Agency Financial Report, DOD's travel pay had the highest error rate among all DOD-reported improper payment programs, and therefore DOD would place its initial focus to achieve measurable progress more quickly in this area. In June 2016, DOD officials stated that the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)) would revise and expand the DOD Travel Remediation Plan into a more comprehensive plan which includes establishing Senior Accountable Officials (SAOs) within each military service. OUSD(C) will collaborate with each SAO to ensure the development of standardized procedures and corrective action plans to include training, root cause identification, and quality assurance goals that comply with improper payment law and regulatory guidance. On October 7, 2016, DOD issued its remediation plan entitled "Preventing Travel Pay Improper Payments and Recovery." The remediation plan notes two primary causes of improper travel payments; each of which highlights the need for increased detail (documentation), attention to detail (accuracy), and a more regular and effective training regimen. The remediation plan includes several requirements that must be met to reinforce internal controls and accountability. Beginning in fiscal year 2017, the DOD Comptroller and component SAOs are to receive travel pay metrics reports to measure progress. The first report is intended to establish a baseline. As of April 2017, DOD officials stated that there are corrective action plans, but the implementation of these plans needs to be assigned to the individual level components. As of August 31, 2017, this recommendation was still open.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to reducing improper payments, to establish procedures that produce corrective action plans that are in accordance with best practices, such as those recommended by the Chief Financial Officers Council (CFOC), and include (1) measuring the progress made toward remediating root causes and (2) communicating to agency leaders and key stakeholders the progress made toward remediating the root causes of improper payments.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: The Department of Defense (DOD), in concurring with this recommendation, stated that it would work collaboratively with the applicable components to establish procedures that produce corrective action plans that incorporate best practices, including those recommended by the Chief Financial Officers Council. DOD's corrective action plans would include information on (1) measuring the progress made toward remediating root causes and (2) communicating to agency leaders and key stakeholders the progress made toward remediating the root causes of improper payments. In June 2016, DOD officials told us that department enters corrective actions plans associated with audit findings into a notice of findings and recommendations (NFR) database developed to track their status and progress. The database was deployed in May 2016. According to DOD's fiscal year 2015 Agency Financial Report, DOD's travel pay had the highest error rate among all DOD-reported improper payment programs, and therefore DOD would place its initial focus to achieve measurable progress more quickly in this area. In June 2016, DOD officials stated that the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)) will revise and expand the DOD Travel Remediation Plan into a more comprehensive plan which will include establishing Senior Accountable Officials (SAOs) within each military service. OUSD(C) will collaborate with each SAO to ensure the development of standardized procedures and corrective action plans to include training, root cause identification, and quality assurance goals that comply with improper payment law and regulatory guidance. On October 7, 2016, DOD issued its corrective/remediation plan entitled "Preventing Travel Pay Improper Payments and Recovery." We plan to review this plan for consistency with OMB and IPERA guidelines. In April 2017, we learned that the Office of Management and Budget had done an assessment of this plan and provided helpful suggestions. As of August 31, 2017, this recommendation was still open.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to implementing recovery audits, to develop and implement procedures to (1) identify costs related to the department's recovery audits and existing recovery efforts and (2) evaluate existing improper payment recovery efforts to ensure that they are cost effective.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: Department of Defense (DOD) officials concurred with this recommendation, stating that the DOD would review its procedures for improper payment recovery activities to ensure currency and accuracy and that it would also perform analyses to ensure that its recovery efforts are cost-effective. In July 2015, DOD reported that the development of cost estimates for recovery auditing was ongoing. In addition, DOD officials indicated that only the United States Army Corps of Engineers (USACE) has developed an analysis to evaluate the cost effectiveness of performing recovery audits. As of April 2017, DOD's efforts to develop cost-estimates for recovery audits were still under way. As of August 31, 2017, this recommendation was still open.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to implementing recovery audits, to monitor the implementation of the revised FMR chapter on recovery audits to ensure that the components either develop recovery audits or demonstrate that it is not cost effective to do so.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: Department of Defense (DOD) officials, in concurring with this recommendation, stated that DOD would work with the applicable components to monitor the implementation of the revised Financial Management Regulation (FMR) chapter on recovery audits. According to DOD officials, this action would help to ensure that recovery audits are developed, or will demonstrate that it is not cost-effective to do these audits. In July 2015, DOD was working to update the FMR chapter on recovery audits to reflect revised Office of Management and Budget (OMB) guidance issued in October 2014. DOD issued its revised FMR chapter in November 2015. This chapter requires components to develop cost-effective payment recapture audits or to submit a quantitative justification to the Office of the Under Secretary (Comptroller) for approval. However, we consider this recommendation to be open because DOD did not provide documentation demonstrating that the Office of the Under Secretary of Defense (Comptroller) is monitoring component implementation of recovery auditing. Further, as of April 2017, DOD's efforts to develop cost-estimates for recovery audits were still under way. As of August 31, 2017, this recommendation was still open.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to implementing recovery audits, to develop and submit to OMB for approval a payment recapture audit plan that fully complies with OMB guidance.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: Department of Defense (DOD) officials, in concurring with this recommendation, stated that DOD would develop and submit to the Office of Management and Budget (OMB) a payment recapture plan that fully complies with OMB guidance and is informed by a cost-effectiveness analysis. In July 2015, DOD's Office of the Under Secretary of Defense (Comptroller) efforts to develop a payment recapture audit plan to ensure cost-effectiveness were ongoing and these efforts must be completed before a plan can be submitted to the OMB. In June 2016, DOD officials stated that the Comptroller's efforts to develop a payment recapture audit plan to ensure cost-effectiveness were ongoing. As of August 31,2017, the department's efforts to implement this recommendation are continuing.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), with regard to reporting, to design and implement procedures to ensure that the department's annual improper payment and recovery audit reporting is complete, accurate, and in compliance with IPERA and OMB guidance.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: Department of Defense (DOD) officials, in concurring with this recommendation, stated that DOD would design and implement procedures to further ensure that its annual improper payment and recovery audit reporting is complete, accurate, and in compliance with the Improper Payments Elimination and Recovery Act (IPERA) requirements and Office of Management and Budget (OMB) guidance. In June 2015, DOD revised its FMR chapter on improper payments to require components to provide information needed to report on improper payment and recovery audit activities in its annual financial report (AFR) in accordance with IPERA requirements and OMB guidance. DOD's fiscal year 2015 AFR reflected its implementation of the revised FMR. We found that DOD's improper payment reporting in its fiscal year 2015 AFR had improved. However, we were not provided with evidence that Office of the Under Secretary of Defense (Comptroller) is performing oversight and monitoring activities to ensure the accuracy and completeness of the improper payment and recovery audit data submitted by DOD components for inclusion in the AFR. As of April 2017, DOD is continuing to work on procedures for ensuring that its reporting on improper payment and recovery audits is accurate, complete, and in compliance with IPERA and OMB guidance. As of August 31, 2017, this recommendation was still open.
    Director: King, Kathleen M
    Phone: (202) 512-7114

    1 open recommendations
    Recommendation: To improve the effectiveness of the unpublished MUEs and better ensure Medicare program integrity, the CMS Administrator should consider periodically reviewing claims to identify the providers exceeding the unpublished MUE limits and determine whether their billing was proper.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: In its comments on a draft of this report, HHS concurred with this recommendation and indicated that CMS would conduct further analysis to determine the most appropriate way to respond. In July 2015, HHS told us that CMS has established a process to identify providers exceeding the unpublished MUE limits and determine whether their billing was proper. In August 2016, CMS informed us that the agency is developing a process to review provider level data to determine potential improper billing that exceeds unpublished MUE limits. However, as of September 2016, CMS has not yet implemented this process. We requested that CMS provide documentation of the process once it has been implemented. With this documentary support, we hope to close the recommendation.
    Director: King, Kathleen M
    Phone: (202) 512-7114

    1 open recommendations
    Recommendation: Should the Congress decide to cap payments for physician and other nonhospital services made through IHS's CHS program, the Secretary of Health and Human Services should direct the Director of IHS to monitor CHS program patient access to physician and other nonhospital care in order to assess how any new payment rates may benefit or impede the availability of care.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: HHS agreed with GAO's recommendation and indicated that monitoring patient access to care in light of any payment changes is essential to providing high-quality health care to American Indians and Alaska Natives. Since there have not been any changes to the payment rates, IHS has not yet implemented this recommendation.
    Director: Bagdoyan, Seto J
    Phone: (202) 512-4749

    1 open recommendations
    Recommendation: Congress should consider granting Labor the additional authority it is seeking to access wage data to help verify claimants' reported income and help ensure the proper payment of benefits.

    Agency: Congress
    Status: Open

    Comments: No legislation introduced as of February 2017. The Workers' Compensation Reform Act of 2015 (S. 2051, title V) was introduced in the 114th Congress. It would have allowed DOL to access wage data, as GAO suggested in April 2013, from the National Directory of New Hires to improve the integrity of the Federal Employees' Compensation Act program, among other actions. If introduced in the 115th Congress and enacted, this legislation could help to prevent and detect improper payments in the Federal Employees' Compensation Act program.
    Director: Irving, Susan J
    Phone: (202) 512-6806

    2 open recommendations
    Recommendation: In light of declining discretionary budgets, to reduce or eliminate the reliance of the AQI program on taxpayer funding, Congress should consider allowing USDA to set AQI fees to recover the aggregate estimated costs of AQI services--thereby allowing the Secretary of Agriculture to set fee rates to recover the full costs of the AQI program.

    Agency: Congress
    Status: Open

    Comments: As of March 2017, Congress had not passed legislation to give the Secretary of Agriculture authority to set fee rates to fully recover the aggregate costs of agricultural quarantine inspection (AQI) services, as GAO suggested in March 2013. In the 114th Congress, the Savings, Accountability, Value, and Efficiency Act of 2015 was introduced in the House and referred to the committees of jurisdiction. The act would require the Secretary of Agriculture to (1) study whether the amount of AQI fees collected cover the aggregate costs of AQI services, and (2) report to Congress the results of the study and any recommendations for ensuring that fees covered costs. The act would not authorize the Secretary of Agriculture to set fee rates to recover the full costs of the AQI program. The current AQI fee authority does not permit the U.S. Department of Agriculture to set AQI fees to recover the aggregate estimated costs of AQI services. Authorizing the Secretary of Agriculture to set fee rates to recover the full costs of the AQI program would save the federal government money by reducing the program's reliance on U.S. Customs and Border Protection's annual Salaries and Expenses appropriation.
    Recommendation: Congress should consider amending USDA's authorization to assess AQI fees on bus companies, private vessels, and private aircraft and include in those fees the costs of AQI services for the passengers on those buses, private vessels, and private aircraft.

    Agency: Congress
    Status: Open

    Comments: As of March 2017, Congress had not passed legislation to give the Secretary of Agriculture authority to assess agricultural quarantine inspection (AQI) fees on private vessels, private aircraft, and commercial buses and include in those fees the costs of AQI services for the passengers on those vehicles. In the 114th Congress, the Savings, Accountability, Value, and Efficiency Act of 2015 was introduced in the House and referred to the committees of jurisdiction. The act would require the Secretary of Agriculture to (1) study whether the amount of AQI fees collected cover the aggregate costs of AQI services, and (2) report to Congress the results of the study and any recommendations for ensuring that fees covered costs. The current AQI fee authority does not permit the U.S. Department of Agriculture to assess AQI fees on private vessels, private aircraft and commerical buses and to recover, through those fees, the costs of AQI services for the passengers on those vehicles.
    Director: Khan, Asif A
    Phone: (202) 512-9869

    5 open recommendations
    Recommendation: To strengthen the design of controls over active duty Army military payroll, and to assure the effectiveness of the UCFR process as a compensating control for confirming the accuracy of its military pay, the Secretary of Defense should direct the Secretary of the Army to revise AR 37-104-4, Military Pay and Allowances Policy, to establish a requirement for periodic monitoring of the effectiveness of unit commander UCFR reviews.

    Agency: Department of Defense
    Status: Open

    Comments: In June 2013, DOD and Army officials told us that the Army and Defense Finance and Accounting Service (DFAS) performed an analysis of the effectiveness of the Unit Commander Finance Report (UCFR) in preventing payroll errors. The officials shared a February 21, 2013, Army memo on the results of the analysis, which indicated that while the UCFR was an effective tool as a snapshot of a Soldier's pay, it was not comprehensive enough to provide the level of detail needed to manage many pay entitlements. Additionally, analytical results showed that in most cases, having units certify and return UCFRs to the Finance Office did not result in corrective action in the month the condition requiring action first appeared on the report. The officials told us the Army intends to rely on existing primary controls over pay transactions and the implementation of the Integrated Personnel and Pay System-Army (IPPS-A), which was targeted for implementation in 2017, to address the issues we reported rather than revising AR-37-104-4 to require certification of the UCFR and its return to the Finance Office. The Army concluded that if used properly, the UCFR could provide a secondary control for units to identify a limited number of pay discrepancies. The Army's Finance Command Director subsequently told us that because the analysis showed that the UCFR was not being used as an effective tool by unit commanders, the Army would continue to pursue methods to improve pay transaction timeliness through training and command awareness efforts, to include use of the UCFR, pending implementation of IPPS-A. For example, the Army expanded the list of entitlements that, similar to UCFRs, are sent to commands for review and increased the frequency of the command reviews. The Army also implemented a process for monitoring high-risk special pays that have an anniversary date, such as Foreign Language Proficiency Bonus, Basic Allowance for Housing, and Basic Allowance for Subsistence, and confirming that the certifications have not expired. However, DOD's May 2017 FIAR Plan Status Report showed that the Army's IPPS-A is not expected to be fully implemented until April 2020. We will continue to assess DOD's efforts to address this recommendation.
    Recommendation: To strengthen the design of controls over active duty Army military payroll, and to assure the effectiveness of the UCFR process as a compensating control for confirming the accuracy of its military pay, the Secretary of Defense should direct the Secretary of the Army to revise AR 37-104-4, Military Pay and Allowances Policy, to require unit commanders to review and submit documentation showing completion of all monthly UCFR reviews.

    Agency: Department of Defense
    Status: Open

    Comments: In June 2013, DOD and Army officials told us that the Army and Defense Finance and Accounting Service (DFAS) performed an analysis of the effectiveness of the Unit Commander Finance Report (UCFR) in preventing late transactions for updating pay. The results of an Army analysis showed that units certifying and returning UCFRs to the Finance Office did not increase timely corrective actions being taken to a soldier's pay. In a memo dated Feb. 21, 2013, the Army stated, "Creating a mandatory process of requiring Commanders to certify and return the UCFR (even when there are no errors) imposes additional administrative requirements and associated costs on the unit, the Finance Office and DFAS." The memo further stated that, based on the sample taken, most units are already certifying UCFRs and returning them to Finance -- with little impact on Soldiers' pay." Army officials told us that based on the Feb. 21, 2013, memo and subsequent follow up, the Army intended to rely on existing primary controls over pay transactions and the implementation of the Integrated Personnel and Pay System-Army (IPPS-A) targeted for August 2017 to address the issues we reported, rather than revise AR-37-104-4 to require certification of the UCFR and its return to the Finance Office. Army officials told us they would continue to pursue methods to improve pay transaction timeliness through training and command awareness efforts, to include use of the UCFR. The Army stated that the development and fielding of IPPS-A offers opportunities for reducing errors and manual inputs, while providing improved transaction timeliness and pay accuracy. However, DOD's May 2017 FIAR Plan Status Report showed that the Army's IPPS-A is not expected to be fully implemented until April 2020. We will continue to assess DOD's efforts to address this recommendation.
    Recommendation: To strengthen the design of controls over active duty Army military payroll, and to assure the effectiveness of the UCFR process as a compensating control for confirming the accuracy of its military pay, the Secretary of Defense should direct the Secretary of the Army to revise AR 37-104-4, Military Pay and Allowances Policy, to specify the time frame for submitting UCFRs, such as no later than the 10th of the month.

    Agency: Department of Defense
    Status: Open

    Comments: In a Feb. 21, 2013 memo, the Army stated that its regulations require units to take immediate action when an error is discovered during a review of an Unit Commander Finance Report (UCFR). According to the Army, specifying a timeframe for the review and submission of UCFRs, such as 10 days, would also require the development of additional controls and monitoring procedures and create exceptions/waivers for those units deployed or on training exercises. As a result, the Army intended to rely on existing primary controls over pay transactions and the targeted implementation of the Integrated Personnel and Pay System-Army (IPPS-A) in August 2017 to address the issues, rather than revise AR-37-104-4. With the slippage in implementation of IPPS-A integrated military personnel and pay functionality to April 2020, the Army needs to reconsider our recommendation along with reasonable timeline accommodations for deployed units. We will continue to assess the Army's efforts to address this recommendation.
    Recommendation: To strengthen the design of controls over active duty Army military payroll, and to provide a means for monitoring the overall accuracy of the Army's military payroll, the Secretary of Defense should direct the DOD Comptroller to require DFAS-IN to develop criteria and establish a comprehensive metric to capture and measure all types of pay errors affecting accuracy.

    Agency: Department of Defense
    Status: Open

    Comments: In June 2013, the Defense Finance and Accounting Service (DFAS)-Indianapolis Director told us that DFAS conducted a gap analysis for two installations (Ft. Carson and Ft. Gordon). This analysis compared data on the effective date of pay impacting transactions (e.g., Basic Allowance for Housing, Foreign Language Proficiency Pay, etc.); the date transactions were entered into the pay system; the elapsed time in days from the effective date through each step of the process to the date pay was input to the military pay system. The Army's analysis concluded that most errors that occurred were due to units' late submissions of source documents. The Army's position is that the key metric for military pay accuracy is the timeliness of processing of pay impacting transactions. The Army intended to rely on the targeted August 2017 implementation of the Integrated Personnel and Pay System-Army (IPPS-A) to address pay transaction timeliness and address any other identified issues rather than require DFAS-Indianapolis to develop additional criteria and metrics within the current systems environment to measure all types of conditions affecting accuracy. However, DOD's May 2017 FIAR Plan Status Report showed that the Army's IPPS-A is not expected to be fully implemented until April 2020. We will continue to assess DOD's efforts to address this recommendation.
    Recommendation: To strengthen the design of controls over active duty Army military payroll, and to provide a means for monitoring the overall accuracy of the Army's military payroll, the Secretary of Defense should direct the Department of Defense (DOD) Comptroller to require DFAS-IN to establish an interim mechanism at DFAS-IN for identifying and analyzing the extent and causes of all types of military payroll errors processed by Defense Military Pay Offices (DMPOs), Army Finance Offices, Defense Joint Military Pay System-Active Component (DJMS-AC), and Case Management System (CMS) to address any systemic control weaknesses.

    Agency: Department of Defense
    Status: Open

    Comments: In June 2013, DOD and Army officials stated that DFAS, as part of its pre-assertion audit readiness efforts for the Military Pay Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization examination, has identified and validated many controls over the completeness, accuracy and validity of military pay. This included identifying gaps in internal controls and developing and implementing corrective action plans to mitigate any gaps. The Army subsequently engaged another independent public accounting firm to assess its audit readiness for the Statement of Budgetary Resources, including audit readiness for its military pay. In addition, the Army underwent an audit of its fiscal year 2015 General Fund Schedule of Budgetary Activity. Both audit engagements identified military pay issues requiring corrective action. Most recently, the audit of the Army's fiscal year 2016 Budgetary Schedule resulted in a disclaimer of opinion, in part, due to the Army's inability to produce a complete and accurate population of accession, separation, promotion/reduction, special pay, and leave populations for Active Duty, Reserve, and Guard soldiers. In January 2016, the Army auditor reported that "without the ability to produce complete populations, the risk exists that a soldier is improperly accessed, separated, promoted/reduced, awarded special pay, and/or had his or her leave account adjusted incorrectly. Further, the Army's ability to identify and correct any errors is significantly reduced, potentially misstating payroll obligations and outlays reported on the schedule." Army officials stated that it intends to rely on its current transaction timeliness metrics, pre-payment statistical sampling, Improper Payment Elimination and Reporting Act (IPERA) reporting, and eventually implementation of the Integrated Personnel and Pay System - Army (IPPS-A) to address the issues regarding completeness, accuracy, and validity of military pay. However, DOD's May 2017 FIAR Plan Status Report showed that the Army's IPPS-A is not expected to be fully implemented until April 2020. Therefore, we believe that the Army needs to revisit our recommendation and establish an interim mechanism for identifying and analyzing the extent and causes of military payroll errors and take appropriate action to address any systemic control weaknesses. We will continue to assess the Army's efforts to address this recommendation.
    Director: Iritani, Katherine M
    Phone: (202) 512-7114

    1 open recommendations
    Recommendation: To improve transparency of and accountability for Medicaid non-DSH supplemental payments, Congress should consider requiring the Administrator of CMS to (1) improve state reporting of non-DSH supplemental payments, including requiring annual reporting of payments made to individual facilities and other information that the agency determines is necessary to oversee non-DSH supplemental payments; (2) clarify permissible methods for calculating non-DSH supplemental payments; and (3) require states to submit an annual independent certified audit verifying state compliance with permissible methods for calculating non-DSH supplemental payments.

    Agency: Congress
    Status: Open

    Comments: As of August 2017, no legislation had been enacted although at least one bill had been introduced in the Congress that would implement this Matter. If enacted, H.R. 541 would, among other things, require annual reporting of non-DSH supplemental payments made to individual institutional providers; information on type of ownership of providers that received the supplemental payments; and other information the agency determines is necessary to oversee non-DSH supplemental payments. However, CMS has taken some actions administratively to understand how to improve its oversight, which are underway. CMS had planned to publish a proposed rule for public comment in fall 2016 that could improve the oversight of supplemental payments made to individual providers. As of August 2017, the agency stated that it is gathering information from data submitted by states to better inform individual provider level payment criteria and establish policies and procedures to evaluate whether payments at the provider level are economic and efficient. They expect to complete this process by March 2018. CMS has also awarded a contract to review Medicaid supplemental payment information submitted by states that may, according to CMS officials, provide information to identify areas for future supplemental payment oversight, including issuing additional guidance on non-DSH supplemental payment submissions and developing standardized formatting. CMS reported that in 2016 it received approval from the Office of Management and Budget to issue standardized templates for all states to use when submitting the annual non-DSH supplemental payments for agency review, but did not specify when standard templates would be used. CMS also reported that the agency was developing a tool to assist in reviewing amendments to state plans and analyzing non-DSH supplemental payments. GAO plans to continue to monitor congressional action, as well as CMS's guidance on supplemental payments to individual providers and actions resulting from the contracted review to determine the extent to which improve state reporting of non-DSH supplemental payments, clarify permissible methods for calculating non-DSH supplemental payments, and require audits to verify that states use permissible methods to calculate non-DSH supplemental payments.
    Director: King, Kathleen M
    Phone: (202) 512-7114

    1 open recommendations
    including 1 priority recommendation
    Recommendation: In order to promote greater use of effective prepayment edits and better ensure proper payment, and to promote implementation of effective edits based on national policies, the CMS Administrator should develop written procedures to provide guidance to agency staff on all steps in the processes for developing and implementing edits based on national policies, including (1) time frames for taking corrective actions, (2) methods for assessing the effects of corrective actions, and (3) procedures for ensuring consideration of automated edits whenever possible, including for all existing NCDs and other national policies.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open
    Priority recommendation

    Comments: HHS concurred with this recommendation. CMS developed written procedures in November 2012 to provide guidance to agency staff on procedures for ensuring consideration of automated edits whenever possible, as GAO recommended in November 2012, but these procedures do not include several key elements of GAO's recommendation. For example, the written procedures do not include time frames for making decisions on whether an edit will be developed for all existing National Coverage Determinations (NCD) and national policies. The written procedures also do not include requirements for methods to assess the effects of corrective actions taken. Implementing a comprehensive written process for developing edits for national policies could help ensure that edits are implemented whenever possible to reduce improper payments. As of September 2017, CMS had not provided us updated documentation that addressed these aspects of our recommendation. Once received, we will review the information and update this recommendation accordingly.
    Director: Clark, Cheryl E
    Phone: (202)512-3000

    2 open recommendations
    Recommendation: The Commission should direct the appropriate officials to establish and implement written procedures for conducting all physical inventory counts of equipment. These procedures, at a minimum, should outline the processes for (1) planning and executing the physical inventory count and (2) analyzing and documenting the results.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our audit of the American Battle Monuments Commission's (Commission) fiscal year 2011 financial statements, we found that the Commission had not performed independent physical inventory of equipment owned by the Commission at the various cemeteries across the world. We found that although the Commission had a policy to perform biennial physical inventory counts of all equipment over $500, this policy was not adhered to during fiscal year 2011. Further, the policy does not explain how to plan, execute, and analyze the results of an inventory count. As a result of this finding, we recommended that the Secretary of the Commission instruct the appropriate officials to establish and implement written procedures for conducting all physical inventory counts of equipment. These procedures, at a minimum, should outline the processes for (1) planning and executing the physical inventory count and (2) analyzing and documenting the results. During our fiscal year 2012 audit, we noted that the Commission did not have policies and procedures for performing an inventory of physical assets. During our fiscal year 2017 follow-up, the Commission informed us that they plan to implement procedures to address our recommendation. We will follow up on this open recommendation at a later date.
    Recommendation: The Commission should direct the appropriate officials to establish a mechanism to monitor implementation of existing Commission policy to perform biennial physical inventory counts of all items of equipment with an obligated balance of $500 or more.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our audit of the American Battle Monuments Commission's (Commission) fiscal year 2011 financial statements, we found that the Commission had not performed independent physical inventory of equipment owned by the Commission at the various cemeteries across the world. We found that although the Commission had a policy to perform biennial physical inventory counts of all equipment over $500, this policy was not adhered to during fiscal year 2011. As a result of this finding, we recommended that the Secretary of the Commission direct the appropriate officials to establish a mechanism to monitor implementation of existing Commission policy to perform biennial physical inventory counts of all items of equipment with an obligated balance of $500 or more. During our fiscal year 2012 audit, we found that although the Commission had performed a comparison of the equipment on hand to the data recorded in SharePoint (document management web application to share documents internally), an independent physical inventory was not performed. We determined that the Commission had not established a mechanism for performing an inventory of assets. During our fiscal year 2017 follow-up, the Commission informed us that they plan to implement procedures to address our recommendation. We will follow up on this open recommendation at a later date.
    Director: Cackley, Alicia P
    Phone: (202)512-8678

    2 open recommendations
    Recommendation: To help ensure effective and efficient use of federal financial literacy resources, the Secretary of the Treasury and the Director of the Consumer Financial Protection Bureau, in their capacity as Chair and Vice Chair of the Financial Literacy and Education Commission, and in concert with other agency representatives of the commission should identify for federal agencies and Congress options for consolidating federal financial literacy efforts into the activities and agencies that are best suited or most effective.

    Agency: Department of the Treasury
    Status: Open

    Comments: The Financial Literacy and Education Commission and its member agencies have taken actions to avoid potential duplication, but the Commission has not yet identified options for consolidating federal financial literacy efforts. The Commission has made significant progress in coordinating federal financial literacy programs. Moreover, the Commission and its committees have promoted collaborations that delineate appropriate roles among agencies. For example, in recent years, CFPB signed memorandums with several federal agencies clarifying respective roles in financial education for specific subpopulations, and the Commission led an initiative that sought to coordinate and avoid overlap in federal financial literacy research efforts. Such efforts have helped avoid duplication and inefficiency, which also is a key goal of consolidation. However, as of March 1, 2017, the Commission still has not specifically examined options for consolidation of federal financial literacy efforts. In August 2016, a representative of the commission told GAO it believes that identifying options for consolidation would be outside the commission's scope. GAO maintains that identifying options for consolidating federal financial literacy efforts is needed to help ensure the most efficient and effective use of resources.
    Recommendation: To help ensure effective and efficient use of federal financial literacy resources, the Secretary of the Treasury and the Director of the Consumer Financial Protection Bureau, in their capacity as Chair and Vice Chair of the Financial Literacy and Education Commission, and in concert with other agency representatives of the commission should revise the commission's national strategy to incorporate clear recommendations on the allocation of federal financial literacy resources across programs and agencies.

    Agency: Department of the Treasury
    Status: Open

    Comments: No executive action taken as of March 1, 2017. The Financial Literacy and Education Commission has not made clear recommendations on allocation of federal financial literacy resources. In November 2016, the Commission updated its national strategy. The update describes activities that the Commission and federal agencies have taken to advance financial literacy in the areas of policy, education, practice, research, and coordination, and identifies next steps in these areas. In addition, in a 2016 report describing its progress, the Commission states that it will consider whether actions are needed to streamline, improve, or augment federal financial literacy programs, grants, and materials. However, these reports do not specifically make recommendations on allocation of federal resources. Without a clear discussion of resource needs and where resources should be targeted, policymakers lack information to direct the strategy's implementation and help ensure efficient use of funds.
    Director: Clowers, Angela N
    Phone: (202) 512-8678

    2 open recommendations
    Recommendation: As SEC works to enhance its oversight of FINRA, the SEC Chairman should encourage FINRA to conduct retrospective reviews of its rules and establish a process for examining FINRA's reviews.

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: As SEC works to enhance its oversight of FINRA, the SEC Chairman should direct Office of Compliance Inspections and Examinations (OCIE) to follow all elements of a risk-management framework as it develops plans for an enhanced risk-based approach to FINRA oversight, such as developing plans for how it will prioritize risks related to oversight of FINRA and assessing the effectiveness of its risk-based model.

    Agency: United States Securities and Exchange Commission
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Mittal, Anu K
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To ensure effective oversight of phosphate-mining operations and reclamation and cleanup, the Administrator of EPA should ensure that the agency complete its plan to assess whether corporate guarantees are an adequate financial mechanism, including giving due consideration to the experience of EPA Region 10 and BLM in using such assurances. If EPA determines that corporate guarantees are not an appropriate form of financial assurance, then their use should be prohibited in the financial assurance regulations that the agency expects to promulgate for the mining industry.

    Agency: Environmental Protection Agency
    Status: Open

    Comments: On January 11, 2017 EPA published proposed financial assurance regulations for the mining industry in the Federal Register. The proposal contains two alternative financial assurance provisions. The first alternative would prohibit the use of corporate guarantees and instead would require operators to obtain third-party financial assurance instruments. The second alternative would allow the use of corporate guarantees in conjunction with a financial test. EPA expects to finalize the rule in December 2017, at which time it will select one of the two alternatives.
    Director: Khan, Asif A
    Phone: (202) 512-3000

    4 open recommendations
    Recommendation: To help provide for the successful implementation of Army and Air Force ERPs, and to help ensure that DFAS users have the training needed, the Secretary of Defense should direct the Secretary of the Army to ensure that time lines are established and monitored for those issues identified by DFAS that are impacting their efficient and effective use of GFEBS.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited action(s) being taken by the Army to ensure that time lines are established and monitored for those issues identified by DFAS that are impacting their efficient and effective use of GFEBS. We have made attempts to follow up with Office of the Undersecretary of Defense (Comptroller) Acquisition Technology and Logistics officials to obtain documentation of actions taken and to determine whether the Army has taken sufficient action to address this recommendation. However, as of July 2017, we have not been able to obtain documentation that supports that this recommendation was addressed.
    Recommendation: To help provide for the successful implementation of Army and Air Force ERPs, and to help ensure that DFAS users have the training needed, the Secretary of Defense should direct the Secretary of the Air Force to ensure that time lines are established and monitored for those issues identified by DFAS that are impacting their efficient and effective use of DEAMS.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited action(s) being taken by the Air Force to ensure that time lines are established and monitored for those issues identified by DFAS that are impacting their efficient and effective use of DEAMS. We have made attempts to follow up with Office of the Undersecretary of Defense (Comptroller) Acquisition Technology and Logistics officials to obtain documentation of actions taken to determine whether the Army has taken sufficient action to address this recommendation. However, as of July 2017, we have not been able to obtain documentation that supports that this recommendation was addressed.
    Recommendation: To help provide for the successful implementation of Army and Air Force ERPs, and to help ensure that DFAS users have the training needed, the Secretary of Defense should direct the Secretary of the Army to improve training for GFEBS users by providing training on actual job processes in a manner that allows users to understand how the new processes support their job responsibilities and the work they are expected to perform.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited action(s) being taken by the Army to improve training for GFEBS users on actual job processes. We have made attempts to follow up with Office of the Undersecretary of Defense (Comptroller) Acquisition Technology and Logistics officials to obtain documentation of actions taken to determine whether the Army has taken sufficient action to address this recommendation. However, as of July 2017, we have not been able to obtain documentation that supports that this recommendation was addressed.
    Recommendation: To help provide for the successful implementation of Army and Air Force ERPs, and to help ensure that DFAS users have the training needed, the Secretary of Defense should direct the Secretary of the Air Force to improve training for DEAMS users by providing training on actual job processes in a manner that allows users to understand how the new processes support their job responsibilities and the work they are expected to perform.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited action(s) being taken by the Air Force to improve training for DEAMS users on actual job processes. We have made attempts to follow up with Office of the Undersecretary of Defense (Comptroller) Acquisition Technology and Logistics officials to obtain documentation of actions taken to determine whether the Army has taken sufficient action to address this recommendation. However, as of July 2017, we have not been able to obtain documentation that supports that this recommendation was addressed.
    Director: Khan, Asif A
    Phone: (202)512-9869

    3 open recommendations
    Recommendation: To improve the development, implementation, documentation, and oversight of the department's financial management improvement efforts, and to ensure that the Air Force develops and implements its Financial Improvement Plan in accordance with the FIAR Guidance, the Secretary of Defense should direct the Secretary of the Air Force to ensure that the Air Force's Financial Improvement Plans include documentation that the Air Force performed a reconciliation of the complete population of transactions for an assessable unit to the relevant general ledger(s) and to the amount(s) reported in the financial statements, including researching and resolving reconciling items.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) concurred with this recommendation. In November 2015, an independent public accountant (IPA) issued a disclaimer of opinion in connection with its audit of Air Force's fiscal year 2015 General Fund Schedule of Budgetary Activity (SBA) because Air Force was unable to provide sufficient audit evidence to provide a basis for an audit opinion. In addition, the IPA specifically identified Air force's inability to validate the completeness of transactions underlying the SBA as one of three material weaknesses in internal controls over financial reporting. We followed up with DOD officials in August 2017 and have not been able to obtain documentation indicating that actions were taken to address this recommendation. As a result, this recommendation remains open.
    Recommendation: To improve the development, implementation, documentation, and oversight of the department's financial management improvement efforts, and to improve DOD's monitoring and oversight of FIP activities, the Secretary of Defense should direct the Secretary of the Navy to ensure that all responsible parties within the Navy, including the Assistant Secretary of the Navy (Financial Management and Comptroller), carry out their responsibilities for ensuring that FIP development and implementation complies with the FIAR Guidance and that the FIP contains sufficient information to indicate audit readiness before it is signed.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) concurred with this recommendation. In February 2016, an independent public accountant (IPA) issued a disclaimer of opinion in connection with its audit of Navy's fiscal year 2015 General Fund Schedule of Budgetary Activity because Navy was unable to provide sufficient audit evidence regarding its completeness and accuracy. In addition, the IPA identified three material weaknesses in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of its financial statements will not be prevented, or detected and corrected, on a timely basis. Ensuring the completeness and accuracy of financial reports are key elements of the FIAR Guidance. We followed up with DOD officials in August 2017 and have not been able to obtain documentation indicating that actions were taken to address this recommendation. As a result, this recommendation remains open.
    Recommendation: To improve the development, implementation, documentation, and oversight of the department's financial management improvement efforts, and to improve DOD's monitoring and oversight of FIP activities, the Secretary of Defense should direct the Secretary of the Air Force to ensure that all responsible parties within the Air Force, including the Assistant Secretary of the Air Force (Financial Management and Comptroller) carry out their responsibilities for ensuring that FIP development and implementation complies with the FIAR Guidance and that the FIP contains sufficient information to indicate audit readiness before it is signed.

    Agency: Department of Defense
    Status: Open

    Comments: The Department of Defense (DOD) concurred with this recommendation. In November 2016, an independent public accountant (IPA) issued a disclaimer of opinion in connection with its audit of Air Force's fiscal year 2015 General Fund Schedule of Budgetary Activity (SBA) because Air Force was unable to provide sufficient audit evidence to provide a basis for an audit opinion. In addition, the IPA identified three material weaknesses in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of its financial statements will not be prevented, or detected and corrected, on a timely basis. Ensuring the completeness and accuracy of financial reports are key elements of the DOD FIAR Guidance. We followed up with DOD officials in August 2017 and have not been able to obtain documentation of actions taken to address this recommendation. As a result, this recommendation remains open.
    Director: Clark, Cheryl E
    Phone: (202)512-3000

    7 open recommendations
    Recommendation: The Secretary of the Commission should instruct the Director of Finance at Commission headquarters to monitor monthly cash reconciliations for all Fund Balance with Treasury accounts Commissionwide to ensure their completeness and accuracy.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During fiscal year 2012, the Commission contracted with the Interior Business Center (IBC) to perform its monthly cash reconciliations with Treasury. During our testing, we found that IBC effectively reconciled cash on hand to Treasury records. However, we found that ABMC did not effectively monitor IBC's reconciliations. Specifically, ABMC did not document its review of the FMS-224 and Fund Balance with Treasury reconciliations performed by IBC. To fully address this recommendation, ABMC needs to document its review of the IBC prepared reconciliations to ensure they are accurate and complete. During fiscal year 2017, the Commission informed us that they plan to develop and implement corrective actions to address our recommendation. Therefore, we will follow up on this open recommendation at a later date.
    Recommendation: The Secretary of the Commission should instruct the Director of Human Resources and Administration at Commission headquarters to maintain a consolidated Active Contracts List, or require the Paris Overseas Office to maintain a separate list, with information on each contract including the name of the contact person; the status of work completed; whether retainage amounts had been paid; and whether any amounts were pending due to disagreements on work performed.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our fiscal year 2012 audit, although the Commission provided GAO with active contract lists, we determined that these lists were not consolidated nor were they adequately maintained by the director of Engineering. We also continued to find instances where the Commission did not properly close contracts and deobligate funds. In addition, the Commission could not identify any specific actions taken to address this recommendation. During our fiscal year 2017 follow-up, the Commission informed us that they plan to implement an automated procurement system that will meet the intent of our recommendation. Therefore, we will follow up on this open recommendation at a later date.
    Recommendation: The Secretary of the Commission should instruct the Director of Human Resources and Administration at Commission headquarters to ensure that the Active Contracts List is reconciled to contracts on the undelivered orders report produced by the Commission's accounting system.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our fiscal year 2012 audit, we found that the Headquarters active contracts list had not been reconciled to the undelivered orders account. In addition, we concluded that these lists were not adequately maintained. We also continued to find instances where the Commission did not properly close contracts and deobligate funds. In addition, the Commission could not identify any specific actions taken to address this recommendation. During our fiscal year 2017 follow-up, the Commission informed us that they plan to develop and implement procurement-related standard operating procedures to address our recommendation. Therefore, we will follow-up on this recommendation at a later date.
    Recommendation: The Secretary of the Commission should instruct the Director of Finance at Commission headquarters to follow existing budgetary procedures to ensure that contracts are officially agreed to and executed as of or before the date of obligation.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our fiscal year 2011 audit of the American Battle Monuments Commission's financial statements, the Commission informed us that this recommendation was implemented with FMS and that ABMC now follows commitment accounting which prevents contracts from being signed before funds are reserved. During our 2012 testing we continued to monitor and we found no related issues. However, the Commission was unable to provide documentation or support for the corrective action instituted with FMS. During our fiscal year 2017 follow-up, the Commission informed us that they plan to implement an automated procurement system that will meet the intent of our recommendation. Therefore, we will follow up on this open recommendation at a later date.
    Recommendation: The Secretary of the Commission should instruct the Director of Human Resources at the Commission's Paris Overseas Office to follow existing policy to prepare, approve, and file current forms to support pay changes in foreign employee's official personnel file.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our fiscal year 2012 audit, we tested a sample of payroll transactions and found that not all personnel files contained accurate forms to support current payroll information. In one sample, the ABM-87 was not approved by a Director or designee. In another sample, the salary for the grade and step did not match that of the employee's local compensation plan. In a third sample, the employee's salary was not updated for a General Schedule step increase until almost a year later. During our fiscal year 2017 follow-up, the Commission informed us that they plan to implement an automated HR system that will meet the intent of our recommendation. Therefore, we will follow up on this open recommendation at a later date
    Recommendation: The Secretary of the Commission should instruct the Director of Human Resources at the Commission's Paris Overseas Office to establish a consistent policy for Paris and Rome offices to support changes in employee's official personnel files by using an SF-50, Notification of Personnel Action, for all employees.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During fiscal year 2012, we determined that the Commission's policy is to use two forms for payroll actions. The headquarters office processes SF-50s for General Schedule (GS) employees and the Paris office uses SF-50s for GS employees and ABM-87s for foreign employees. We did not find any exception with this policy as the SF-50 is a required form for processing payroll actions for GS employees and the ABM 87 is a standard form for processing payroll actions for foreign employees. However, this policy is not documented. To clarify the intent of this recommendation, which is for the Commission to be consistent in processing payroll actions, we issued a subsequent recommendation that calls for the Commission to direct appropriate officials to establish written policies and procedures outlining the key tasks, roles, and responsibilities of both the Human Resources Directorate and the Finance Directorate, including a formal mechanism for communicating all decisions and actions related to processing payroll for foreign employees. This would include the processing of payroll actions. During our fiscal year 2017 follow-up, the Commission informed us that training was provided to employees in the proper production of personnel documentation, however, no policy was provided. Therefore, we will follow up on this open recommendation at a later date.
    Recommendation: The Secretary of the Commission should instruct the Finance Directorate's Finance Officer at the Commission's Paris Overseas Office to modify existing accounting procedures to instruct Finance Directorate personnel to enter the date on the invoice into the accounting system.

    Agency: American Battle Monuments Commission
    Status: Open

    Comments: During our audit of the American Battle Monuments Commission's (the Commission) fiscal year 2010 financial statements, we found that Commission controls were not always effective in ensuring that the receipt and acceptance of goods and services were properly authorized and that invoice dates were accounted for in a consistent manner. The Commission informed us that all Finance personnel were instructed to enter both the invoice receipt date and the invoice date when processing invoices for payment. However, during our fiscal year 2012 audit, we found that the date on the invoice was not consistently entered into the accounting system. For example, we found inconsistencies with the invoice receipt date being entered into the accounting system as either the date the goods were received, the date the invoice was received, or the date the invoice was being entered into the financial system. In addition, we could not verify whether current accounting procedures included this requirement. During our fiscal year 2017 follow-up, the Commission informed us that the invoice date entered in Oracle is taken directly from the invoice approval stamp, however, the Commission was not able to provide a policy, procedures, or statement of work supporting the actions taken. We contacted the agency to ask for further information but no response was received within the established deadline for us to conduct our follow up. Therefore, we will follow up on this recommendation at a later date.
    Director: Grover, Jennifer A
    Phone: (202) 512-7141

    3 open recommendations
    including 1 priority recommendation
    Recommendation: To identify effective and cost-efficient methods for meeting TWIC program objectives, and assist in determining whether the benefits of continuing to implement and operate the TWIC program in its present form and planned use with readers surpass the costs, the Secretary of Homeland Security should perform an internal control assessment of the TWIC program by (1) analyzing existing controls, (2) identifying related weaknesses and risks, and (3) determining cost-effective actions needed to correct or compensate for those weaknesses so that reasonable assurance of meeting TWIC program objectives can be achieved. This assessment should consider weaknesses we identified in this report among other things, and include: (1) strengthening the TWIC program's controls for preventing and detecting identity fraud, such as requiring certain biographic information from applicants and confirming the information to the extent needed to positively identify the individual, or implementing alternative mechanisms to positively identify individuals; (2) defining the term extensive criminal history for use in the adjudication process and ensuring that adjudicators follow a clearly defined and consistently applied process, with clear criteria, in considering the approval or denial of a TWIC for individuals with extensive criminal convictions not defined as permanent or interim disqualifying offenses; and (3) identifying mechanisms for detecting whether TWIC holders continue to meet TWIC disqualifying criminal offense and immigration-related eligibility requirements after TWIC issuance to prevent unqualified individuals from retaining and using authentic TWICs.

    Agency: Department of Homeland Security
    Status: Open

    Comments: We reported that internal control weaknesses governing the enrollment, background checking, and use of TWIC potentially limit the program's ability to provide reasonable assurance that access to secure areas of MTSA-regulated facilities is restricted to qualified individuals. We further reported that TSA did not assess the internal controls designed and in place to determine whether they provided reasonable assurance that the program could meet defined mission needs for limiting access to only qualified individuals, and that internal control weaknesses in TWIC enrollment, background checking, and use could have contributed to the breach of selected MTSA-regulated facilities during covert tests conducted by our investigators. We recommended that DHS perform an internal control assessment of the TWIC program by (1) analyzing existing controls, (2) identifying related weaknesses and risks, and (3) determining cost-effective actions needed to correct or compensate for those weaknesses so that reasonable assurance of meeting TWIC program objectives can be achieved. In April 2013, DHS reported that it had taken a number of steps to address our recommendations. For example, it had refreshed and reissued fraudulent document detection training to enrollment personnel; created a mechanism for enrollment personnel to send detailed information of suspected fraud to adjudication personnel; benchmarked TWIC enrollment processes with passport enrollment processes; and defined guidance for adjudicators on the application of discretionary authority. As we reported in May 2013, to determine if the internal control weaknesses identified in our May 2011 report still exist, we conducted limited covert testing in late 2012. Our investigators again acquired an authentic TWIC through fraudulent means and were able to use this card and counterfeit TWIC cards to access areas of ports or port facilities requiring a TWIC for entry at four ports. In February 2014, TSA reported that it, in coordination with Coast Guard and DHS subject matter experts, had established an Executive Steering Committee to address recommendations from the May 2011 report on the TWIC program's internal controls (GAO-11-657). GAO recommended that the internal control assessment be the basis of the effectiveness assessment. In response, the Executive Steering Committee developed an internal control action plan that lists TWIC program control issues GAO identified, along with actions that TSA and the Coast Guard would or would not take to address them. However, based on our review of the internal control action plan and associated documents, and further discussing with TSA officials the methodology used to arrive at the internal control action plan, we determined that the internal control assessment we recommended has not been implemented. Specifically, there is no evidence of a detailed mapping of each policy and process in the program, their interrelationships, and clear linkage to show how actions in one step may enhance or reduce the effectiveness of the TWIC program achieving its stated mission needs. In January 2017 TSA awarded a contract for an internal control assessment of the TWIC program, including the TWIC program?s internal controls of the enrollment, background checking, and credential issuance processes. The assessment, however, is to exclude an assessment of Coast Guard?s role in TWIC enforcement. The project held a kickoff meeting in March of 2017 and is expected to produce final recommendations by August 2017. We believe that this is a positive step towards addressing our recommendation. However, the assessment does not include an evaluation of the use of TWIC, including Coast Guard's role in TWIC enforcement. We continue to believe that the internal control assessment inclusive of TWIC use and the interrelationship between acquiring a TWIC and using it in the maritime environment is needed. For the reasons noted above, this recommendation remains open.
    Recommendation: To identify effective and cost-efficient methods for meeting TWIC program objectives, and assist in determining whether the benefits of continuing to implement and operate the TWIC program in its present form and planned use with readers surpass the costs, the Secretary of Homeland Security should conduct an effectiveness assessment that includes addressing internal control weaknesses and, at a minimum, evaluates whether use of TWIC in its present form and planned use with readers would enhance the posture of security beyond efforts already in place given costs and program risks.

    Agency: Department of Homeland Security
    Status: Open
    Priority recommendation

    Comments: We reported that DHS had not assessed the program's effectiveness at enhancing security. We recommended that DHS conduct an effectiveness assessment that includes addressing internal control weaknesses and, at a minimum, evaluates whether use of TWIC in its present form and planned use with readers would enhance the posture of security beyond efforts already in place given costs and program risks. In March 2012, DHS reported that it agreed that the results and progress of the internal control actions should be used to further evaluate the effectiveness of the TWIC program. They further noted that as the different long term actions progress, DHS will develop specific plans to address this action. In May 2013 (see GAO-13-198), we reported that DHS had not addressed this recommendation. On January 17, 2014, the explanatory statement accompanying the Consolidated Appropriations Act, 2014, directed DHS to complete the assessment that we recommended within 90 days after enactment (April 17, 2014). In February 2014, TSA reported that it, in coordination with Coast Guard and DHS subject matter experts, had established an Executive Steering Committee to address recommendations from the May 2011 report on the TWIC program's internal controls (GAO-11-657). GAO recommended that the internal control assessment be the basis of the effectiveness assessment. In response, the Executive Steering Committee developed an internal control action plan that lists TWIC program control issues GAO identified, along with actions that TSA and the Coast Guard would or would not take to address them. However, based on our review of the internal control action plan and associated documents, and further discussing with TSA officials the methodology used to arrive at the internal control action plan, we determined that the internal control assessment we recommended has not been implemented. Specifically, there is no evidence of a detailed mapping of each policy and process in the program, their interrelationships, and clear linkage to show how actions in one step may enhance or reduce the effectiveness of the TWIC program achieving its stated mission needs. As of March 2017, the internal control assessment we recommended as the basis for initiating the effectiveness assessment had not been completed. However, on January 15, 2016, Coast Guard reported that it had completed its effectiveness assessment. Specifically, DHS completed an effectiveness assessment titled "Security Assessment of the Transportation Worker Identification Credential and Readers." However, the effectiveness assessment did not substantively address the risk concerns identified in our report. For example, the effectiveness assessment lacked the internal control assessment we deem to be the critical first step for fully understanding the TWIC program's controls, costs, and risks. Further, while the effectiveness assessment presented a comparison of alternative credentialing approaches, the assessment did not fully consider, as discussed in our 2011 and 2013 reports, an approach wherein federal security threat assessments could be leveraged in concert with site-specific credentials. The analysis did consider the benefits of updating the TWIC credential to new federal credentialing standards. However, absent from the analysis is a risk-informed basis for disallowing site-specific credentials. While TWIC credentials are developed based on standards aligned with those used by federal entities, each federal entity continues to use site-specific credentials that have varying appearances, rather than a single credential for granting access to all federal entities. This is important, especially because Coast Guard's risk assessment does not include an evaluation of the security benefits and shortfalls that a single credential used nation-wide provide. Absent effectiveness assessment that meets the intent of our recommendation, this recommendation remains open.
    Recommendation: To identify effective and cost-efficient methods for meeting TWIC program objectives, and assist in determining whether the benefits of continuing to implement and operate the TWIC program in its present form and planned use with readers surpass the costs, the Secretary of Homeland Security should use the information from the internal control and effectiveness assessments as the basis for evaluating the costs, benefits, security risks, and corrective actions needed to implement the TWIC program in a manner that will meet stated mission needs and mitigate existing security risks as part of conducting the regulatory analysis on implementing a new regulation on the use of TWIC with biometric card readers.

    Agency: Department of Homeland Security
    Status: Open

    Comments: We reported that prior to issuing the regulation on implementing the use of TWIC as a flashpass, DHS conducted a regulatory analysis, which asserted that TWIC would increase security. The analysis included an evaluation of the costs and benefits related to implementing TWIC. We further reported that as a proposed regulation on the use of TWIC with biometric card readers is under development, DHS is to issue a new regulatory analysis. Conducting a regulatory analysis using the information from the internal control and effectiveness assessments as the basis for evaluating the costs, benefits, security risks, and needed corrective actions could better inform and enhance the reliability of the new regulatory analysis. Moreover, these actions could help DHS identify and assess the full costs and benefits of implementing the TWIC program in a manner that will meet stated mission needs and mitigate existing security risks, and help ensure that the TWIC program is more effective and cost-efficient than existing measures or alternatives at enhancing maritime security. We therefore recommended that DHS use the information from the internal control and effectiveness assessments we recommended as the basis for evaluating the costs, benefits, security risks, and corrective actions needed to implement the TWIC program in a manner that will meet stated mission needs and mitigate existing security risks as part of conducting the regulatory analysis on implementing a new regulation on the use of TWIC with biometric card readers. In March 2012, DHS reported that upon completion of the internal control and effectiveness assessments, DHS will evaluate the results to determine any subsequent actions, and that any applicable data or risks will be communicated to the Coast Guard for consideration during their regulatory analysis. However, DHS has not implemented the internal control assessment we recommended, which is to be the basis for the effectiveness assessment and addressing this recommendation. Further, the January 15, 2016 effectiveness assessment titled "Security Assessment of the Transportation Worker Identification Credential and Readers" did not substantively address the risk concerns identified in our report. Given shortfalls that remain in addressing our internal control assessment and effectiveness assessment recommendations, this recommendation remains open pending DHS taking corrective actions. As of March 2017, no further action has been taken.
    Director: Khan, Asif A
    Phone: (202)512-3000

    1 open recommendations
    Recommendation: The Secretary of Defense should direct the military department Chief Management Officers, in consultation with the Under Secretary of Defense (Comptroller) and the Under Secretary of Defense for Acquisition, Technology, and Logistics, as appropriate, after defining the cost accounting requirements, to utilize the requirements as input to the ERPs to help ensure that the ERPs will provide the capability to identify and aggregate cost information for the department's assets in accordance with DOD's defined requirements.

    Agency: Department of Defense
    Status: Open

    Comments: DOD's military departments are in the process of implementing Enterprise Resource Planning (ERPs). At least one of these ERPs does not currently include cost accumulation and reporting for military equipment assets. DOD's FIAR plan efforts, which, according to officials, include systems enhancements are still on-going to address this recommendation. The status of this recommendation is open.
    Director: Clark, Cheryl E
    Phone: (202)512-9377

    2 open recommendations
    Recommendation: The Director of Personnel and Administration at Commission headquarters should follow established policies and procedures in taking action to conduct a review of contracts and purchase orders outstanding for completeness, accuracy, and proper dates.

    Agency: American Battle Monuments Commission: Human Resources and Administration Director
    Status: Open

    Comments: In response to this recommendation, the Commission stated that it completed such a review in fiscal year 2009 and made corrections as to how the Commission issues contracts and purchase orders. In addition, the Commission hired a consultant, a retired Federal Government Contracting Officer, to assist with contracting activities and to help draft and implement the Commission's policies and procedures. During our fiscal year 2010 audit, we found errors in relation to the Commission's contracts and found that Headquarter's Active Contracts List for contracts over $100,000 was not up to date. We found 3 out of 20 expenditures we tested that were obligated before there was a signed contract. During our fiscal year 2011 audit, we found that the Headquarter's Active Contracts List for contracts over $100,000 was not being kept up to date and reconciled to the undelivered orders account. During our fiscal year 2012 audit, we found there were no policies and procedures for processing engineering contracts. We were informed by the Commission that they were in the process of documenting policies and procedures for the entire contracting process. We also found there were no documented policies and procedures for reviewing year end open obligations and accounts payable to verify the accuracy and validity of year end balances. Additionally, there was no documented review of accounts payable or open obligations performed at year-end for all the open contracts. As a result, we found errors in year-end aged vendor liability reports and open purchase orders that no longer represented valid obligations and should have been deobligated. During our fiscal year 2017 follow-up, the Commission informed us that they plan to establish procurement-related policies and procedures to address our recommendation. We will follow up on this open recommendation at a later date.
    Recommendation: The Director of Personnel and Administration at Commission headquarters should follow established policies and procedures in taking action to coordinate procurement activity with finance personnel to ensure accurate and compliant obligation of funding of procurements, including proper application of multiyear contract terms.

    Agency: American Battle Monuments Commission: Human Resources and Administration Director
    Status: Open

    Comments: In response to this recommendation, the Commission stated that acquisition personnel would ensure coordination with finance personnel to be certain that accurate and compliant obligation of funding of procurements, including proper application of multi-year contract terms. During our fiscal year 2010 and 2011 audits, we found errors in relation to the Commission's contracts and determined improvements were still needed in the oversight of contracts. During our fiscal year 2012 audit, we found there were no policies and procedures for processing engineering contracts. We were informed by the Commission that they were in the process of documenting policies and procedures for the entire contracting process. We also found there were no documented policies and procedures for reviewing year end open obligations and accounts payable to verify the accuracy and validity of year end balances. Additionally, there was no documented review of accounts payable or open obligations performed at year-end for all the open contracts. As a result, we found errors in year-end aged vendor liability reports and open purchase orders that no longer represented valid obligations and should have been deobligated. During our fiscal year 2017 follow-up, the Commission informed us that they plan to establish procurement-related policies and procedures to address our recommendation. We will follow up on this open recommendation at a later date.
    Director: Khan, Asif A
    Phone: (202)512-3000

    4 open recommendations
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), in coordination with the military service secretaries (as appropriate), to revise the Army procedures to include specific steps required to retain documentation of the activities performed and related results.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited actions in process to revise its Financial Management Regulation (FMR). In 2016, the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)) stated that the Components provided comments and edits to the draft Chapter 23. The comments were more detailed than projected and require extensive research to verify. However, it is not clear whether this action will provide sufficient Army-specific procedural requirements. As of August 2017, we have not been able to obtain supporting documentation to assess whether the recommendation was implemented.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), in coordination with the military service secretaries (as appropriate), to revise the Marine Corps and Air Force procedures to include specific steps required to validate data in the OCO report including reconciliations and retain documentation of the activities performed and related results.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited actions in process to revise its Financial Management Regulation (FMR). In 2016, the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)) stated that the Components provided comments and edits to the draft Chapter 23. The comments were more detailed than projected and require extensive research to verify. However, it is not clear whether this action will provide sufficient Marine Corps and Air Force-specific procedural requirements. As of August 2017, we have not been able to obtain supporting documentation to assess whether the recommendation was implemented.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), in coordination with the military service secretaries (as appropriate), to establish Navy procedures to include specific steps required to validate data in the OCO report including variance analysis and reconciliations, and retain documentation of the activities performed and related results.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited actions in process to revise its Financial Management Regulation (FMR). In 2016, the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)) stated that the Components provided comments and edits to the draft Chapter 23. The comments were more detailed than projected and require extensive research to verify. However, it is not clear whether this action will provide sufficient Navy-specific procedural requirements. As of August 2017, we have not been able to obtain supporting documentation to assess whether the recommendation was implemented.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense (Comptroller), in coordination with the military service secretaries (as appropriate), to revise DOD requirements in FMR 7000.14-R, Volume 12, Chapter 23, Contingency Operations, to provide clear, detailed guidance on (1) conducting reconciliations and other validations and (2) documenting military service-level reviews and DOD Comptroller-level reviews.

    Agency: Department of Defense
    Status: Open

    Comments: In commenting on the draft report, DOD concurred with the recommendation and cited actions in process to revise its Financial Management Regulation (FMR). In 2016, the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)) stated that the Components provided comments and edits to the draft Chapter 23. The comments were more detailed than projected and require extensive research to verify. As of August 2017, we have not been able to obtain supporting documentation to assess whether the recommendation was implemented.
    Director: Clark, Cheryl E
    Phone: (202)512-9377

    1 open recommendations
    Recommendation: The Finance Officer at the Commission's European Regional (ER) office should instruct and monitor approving officials to ensure that expenditure transactions are dated when goods and services are received and approved before payments are processed.

    Agency: American Battle Monuments Commission: European Regional Office
    Status: Open

    Comments: During our fiscal years 2009, 2010, and 2011 financial statement audits, we continued to find expenditure transactions being processed prior to the goods or services being received and approved for payment. During our fiscal year 2012 audit, the Commission informed us that since the transition to a new financial management system in August 2011, all receiving is conducted in the iProcurement system (part of the Oracle accounting system) and must be complete before an invoice is processed for payment in Oracle. Although we found that invoices were approved before payment, we continued to find instances where the invoices were not dated and/or signed when goods or invoices were received. During fiscal year 2017, the Commission informed us that they developed a related policy to address our recommendation. However, the Commission has not provided documentation or an explanation of the controls used by management for monitoring (i.e. evaluating or reviewing) the effective implementation of the procedures established related to this recommendation. Therefore, we will continue to follow up on this open recommendation with the Commission at a later date.
    Director: Engel, Gary T
    Phone: (202)512-8815

    1 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, in coordination with the Controller of OMB's Office of Federal Financial Management, to develop and implement effective processes for monitoring and assessing the effectiveness of internal control over the processes used to prepare the CFS.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury designed and implemented an OMB Circular No. A-123 internal control review for the CFS compilation processes. In fiscal year 2017, Treasury plans to use the internal control review to support its assessment on the effectiveness of internal controls over the processes used to prepare the CFS. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Engel, Gary T
    Phone: (202)512-8815

    1 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish effective processes and procedures to ensure that appropriate information regarding litigation and claims is included in the governmentwide legal representation letter.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing schedules to the legal representation letters to perform analytics on the items below the threshold to determine the materiality at the aggregate level. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Aronovitz, Leslie G
    Phone: (312)220-7767

    1 open recommendations
    Recommendation: The Administrator of CMS should require the PSCs to develop thresholds for unexplained increases in billing--and use them to develop automated prepayment controls as one component of their manual medical review strategies.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: Despite progress in identifying potentially improper groups of claims by provider, CMS has not developed thresholds for unexplained increases in billing by providers and used them to develop automated prepayment controls, as GAO recommended in January 2007. CMS took action in July 2011 to improve Medicare payment accuracy by introducing predictive analytics to help identify patterns of potentially improper claims and has some other prepayment controls in place. Specifically, the Small Business Jobs Act of 2010 requires CMS to use predictive modeling and other analytic techniques?known as predictive analytic technologies?to identify improper claims and prevent improper payments under the Medicare fee-for-service program. CMS is streaming every Medicare fee-for-service claim through a predictive modeling technology system, known as the Fraud Prevention System (FPS), prior to payment. The FPS uses a series of algorithms to identify potentially fraudulent claims. As each claim streams through the FPS, the system builds profiles of providers, networks, and billing patterns. Using these profiles, CMS estimates a claim's likelihood of being fraudulent and prioritizes providers with the most suspicious groups of claims for further investigation. CMS also has other prepayment controls in place, for example, to identify duplicate billing. As of December 2015, CMS did have algorithms in FPS to flag providers with unexpected increases in billings for investigation. CMS also instituted prepayment controls that can deny a claim before payment, however these controls are related to Medicare coverage requirements and do not address the issue of large increases in provider billing. Prepayment controls can suspend claims processing or deny claims before claims are paid, which would provide a greater assurance that Medicare funds are not going to potentially fraudulent providers. As of August 2016, HHS officials reported that they have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Director: Ragland, Susan
    Phone: (202)512-9471

    1 open recommendations
    Recommendation: The Secretary of the Interior should direct the Deputy Assistant Secretary for Insular Affairs to develop a framework for OIA employees to use in conducting site visits to help ensure objectives are achieved, to assure that relevant information is shared with responsible officials, and to allow more efficient and effective monitoring of issues.

    Agency: Department of the Interior
    Status: Open

    Comments: On May 24, 2017, the Department of Interior (DOI) sent out an email to its staff showing the dissemination of the new format required for completing trip reports by the staff of the Office of Insular Affairs (OIA). The new format requires staff to include travel justification (i.e., purpose/objective, location, and travel period) and trip report (i.e., meetings, site visits, results, and next steps, as applicable.) The intent of the recommendation is for DOI to have a framework that includes (1) status of required single audit reports; (2) the progress of actions to resolve reported internal control weaknesses; and (3) current needs for technical assistance, capacity building, and staff level expertise. Further, the intent of GAO's recommendation is that this information be integrated into a comprehensive monitoring process. We did not see these elements included in DOI's new format. We will continue to monitor the agency's actions to address this recommendation.
    Director: Daly, Kay L
    Phone: 2025124063

    1 open recommendations
    Recommendation: To better understand the relationship of costs and revenues related to fees SSA collects for administering state SSI supplementation programs, the Commissioner of SSA should direct appropriate officials to study those costs to determine the full cost, including the cost of services provided by other entities for the benefit of SSA.

    Agency: Social Security Administration
    Status: Open

    Comments: SSA is continuing with the roll out of the Employee Office Sampler to all field offices across the nation. According to SSA, this tool removes the manual aspect of the District Office Work Sampling process. A decision was made by SSA to update the Standard Time Values (STVs) used for costing out the full cost SSA incurs for processing state Social Security Insurance claims. SSA stated that it completed these studies in fiscal year 2012 and placed the new STVs into its Cost Analysis System for use in fiscal year 2013. According to SSA, this update allows SSA to more accurately capture the full cost of this work for the agency. In December 2016, SSA stated that it has completed the roll out of the Employee Office Sampler (EOS) to the field offices in the fourth quarter of fiscal year 2016. The Office of Financial Policy and Operations is currently working on a proposal for the IT Investment Process (ITIP) to roll out the EOS to the remaining operational components, targeted for early 2017.
    Director: Daly, Kay L
    Phone: 2025166906

    1 open recommendations
    Recommendation: To help further the progress toward meeting the goals of IPIA and determining states' role in assisting federal agencies to report a national improper payment estimate on federal programs, the Director, Office of Management and Budget, should expand IPIA guidance to provide criteria that federal agencies should consider when developing a plan or methodology for estimating a national improper payment estimate for state-administered programs, such as criteria that address the nature and extent of data and documentation needed from the states to calculate a national improper payment estimate.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: On August 10, 2006, OMB issued its revised guidance to implement the Improper Payments Information Act of 2002 (IPIA)--OMB Circular No. A-123, Appendix C "Requirements for Effective Measurement and Remediation of Improper Payments." OMB expanded its guidance to define federally funded state-administered programs and provided that federal agencies, upon the approval of OMB, could implement alternative methodologies for generating a national improper payment estimate for state-administered programs such as a systematic selection of States each year. The IPIA guidance provides that as part of the justification for using an alternative methodology, the federal agency must include a description of the States selected each year, the methodology for generating annual national estimates, and basis for using an alternative approach rather than the required methodology to calculate the national estimate based on a random statistical sample. While this revision, if fully and effectively implemented, may improve OMB's ability to carry out its oversight responsibilities with respect to determining appropriate methodologies to be employed in generating a program's improper payment estimate, these revisions did not include criteria that agencies should consider in developing plans or methodologies for estimating a national improper payment estimate for state-administered programs--the essence of our recommendation. In fiscal year 2017, we sent a follow inquiry to the OMB to get an update of actions it has taken to address this recommendation. As of August 24, 2017, no updated information has been provided by the OMB. We will continue to monitor the status of this recommendation.
    Director: Daly, Kay L
    Phone: 2025124063

    2 open recommendations
    Recommendation: To help ensure that Transportation components implement reliable cost accounting methodologies for use in managerial decision making in accordance with departmental objectives, the Secretary of Transportation should direct appropriate department officials to finalize and issue a policy for implementing MCA departmentwide.

    Agency: Department of Transportation
    Status: Open

    Comments: Transportation initiated a major, multi-year department-wide program to re-engineer their financial processes, including cost accounting. Because of the complexity of cost accounting and the complications of the next release of their financial software, Transportation has told us that cost accounting is scheduled as a future process to be reviewed. As a result, Transportation has not yet implemented this recommendation to finalize and issue a policy for implementing MCA departmentwide.
    Recommendation: To help ensure that Transportation components implement reliable cost accounting methodologies for use in managerial decision making in accordance with departmental objectives, the Secretary of Transportation should direct appropriate department officials to finalize and issue formal procedures, revised as necessary, to monitor implementation of that policy and establish a sound system of controls.

    Agency: Department of Transportation
    Status: Open

    Comments: Transportation initiated a major, multi-year department-wide program to re-engineer their financial processes, including cost accounting. Because of the complexity of cost accounting and the complications of the next release of their financial software, Transportation has told us that cost accounting is scheduled as a future process to be reviewed. As a result, Transportation has not finalized or issued a policy for implementing MCA departmentwide.
    Director: Engel, Gary T
    Phone: (202)512-8815

    2 open recommendations
    including 2 priority recommendations
    Recommendation: In the interim, until the joint task force is established and a strategic plan is developed, the Director of OMB should direct the Controller of OMB, in coordination with the Fiscal Assistant Secretary of the Treasury, to work with Justice and certain other executive branch agencies to ensure that these agencies report or disclose relevant criminal debt information in conformity with GAAP in their financial statements and have such information subjected to audit.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury plans to provide guidance in the FY 2017 Treasury Financial Manual 2-4700 on the process to be followed by federal agencies to report and disclose relevant criminal debt information. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to include relevant criminal debt information in the CFS or document the specific rationale for excluding such information.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury plans to provide guidance in the FY 2017 Treasury Financial Manual 2-4700 on the process to be followed by federal agencies to report and disclose relevant criminal debt information. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Engel, Gary T
    Phone: (202)512-8815

    7 open recommendations
    including 7 priority recommendations
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to help ensure that agencies provide adequate information in their legal representation letters regarding the expected outcome of the cases.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury documented the processes that federal entities are following in using the "unable to determine" expected outcome of legal cases. Treasury and OMB will continue to work with GAO to close any remaining gaps. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish written policies and procedures to help ensure that major treaty and other international agreement information is properly identified and reported in the CFS. Specifically, these policies and procedures should require that agencies develop a detailed schedule of all major treaties and other international agreements that obligate the U.S. government to provide cash, goods, or services, or that create other financial arrangements that are contingent on the occurrence or nonoccurrence of future events (a starting point for compiling these data could be the State Department's Treaties in Force).

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing process and oversight followed by the Department of State to enhance the guidance issued to federal entities to ensure the proper reporting and accounting on treaties and international agreements. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish written policies and procedures to help ensure that major treaty and other international agreement information is properly identified and reported in the CFS. Specifically, these policies and procedures should require that agencies classify all such scheduled major treaties and other international agreements as commitments or contingencies.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing process and oversight followed by the Department of State to enhance the guidance issued to federal entities to ensure the proper reporting and accounting on treaties and international agreements. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish written policies and procedures to help ensure that major treaty and other international agreement information is properly identified and reported in the CFS. Specifically, these policies and procedures should require that agencies disclose in the notes to the CFS amounts for major treaties and other international agreements that have a reasonably possible chance of resulting in a loss or claim as a contingency.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing process and oversight followed by the Department of State to enhance the guidance issued to federal entities to ensure the proper reporting and accounting on treaties and international agreements. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish written policies and procedures to help ensure that major treaty and other international agreement information is properly identified and reported in the CFS. Specifically, these policies and procedures should require that agencies disclose in the notes to the CFS amounts for major treaties and other international agreements that are classified as commitments and that may require measurable future financial obligations.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing process and oversight followed by the Department of State to enhance the guidance issued to federal entities to ensure the proper reporting and accounting on treaties and international agreements. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish written policies and procedures to help ensure that major treaty and other international agreement information is properly identified and reported in the CFS. Specifically, these policies and procedures should require that agencies take steps to prevent major treaties and other international agreements that are classified as remote from being recorded or disclosed as probable or reasonably possible in the CFS.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing process and oversight followed by the Department of State to enhance the guidance issued to federal entities to ensure the proper reporting and accounting on treaties and international agreements. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Recommendation: GAO recommends that the note disclosure for stewardship responsibilities related to the risk assumed for federal insurance and guarantee programs meet the requirements of Statement of Federal Financial Accounting Standards No. 5, Accounting for Liabilities of the Federal Government, paragraph 106, that requires that when financial information pursuant to Financial Accounting Standards Board standards on federal insurance and guarantee programs conducted by government corporations is incorporated in general purpose financial reports of a larger federal reporting entity, the entity should report as required supplementary information what amounts and periodic change in those amounts would be reported under the "risk assumed" approach.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury agreed that this recommendation remained open. Treasury will continue to request this information from agencies at interim and through year-end reporting requirements in the Treasury Financial Manual 2-4700. In addition, Treasury will continue to participate on the Federal Accounting Standards Advisory Board (FASAB) Risk Assumed Task Force and implement any related changes corresponding to the issuance of revised or new federal accounting standards. We will follow-up on progress made by Treasury as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Williams, Mccoy
    Phone: (202)512-3000

    2 open recommendations
    Recommendation: The Senior Civilian Official for the Office of the Assistant Secretary of the Navy should develop a review process so that data call information on sponsor owned material is correctly reported.

    Agency: Department of Defense: Department of the Navy: Office of the Assistant Secretary of the Navy (Financial Management): Senior Civilian Official
    Status: Open

    Comments: According to Navy officials, sponsor owned material is a subset of Operating Materials and Supplies (OM&S) contained within the OM&S--Remainder (OM&S-R) category. The Navy's Office of Financial Operations (FMO) is providing direction to the various Navy budget submitting offices (BSOs) to guide the development of a complete, accurate, and validated population of the OM&S-R balances reported in the Navy's financial statements--to include sponsor owned material. Specifically, FMO is working with the BSOs to develop a review process in which the BSOs will reconcile their Accountable Property System of Record asset listings to the Navy's financial statements on a quarterly basis. FMO has performed a reconciliation for the third and fourth quarter of fiscal year 2016, and is currently performing a reconciliation for the first quarter of fiscal year 2017. However, FMO has yet to achieve a 100 percent accurate reconciliation. According to Navy FMO officials, the projected implementation date for this review process is expected to be after September 30, 2017. We will continue to follow-up on this recommendation.
    Recommendation: The Senior Civilian Official for the Office of the Assistant Secretary of the Navy should revise the Navy's policies for compiling its financial statements so that they are in accordance with federal accounting standards and the DOD Financial Management Regulation. Specifically: (1) ammunition items needing repair and those categorized as excess, obsolete, and unserviceable should be revalued appropriately to comply with SFFAS No. 3 and the DOD Financial Management Regulation; and (2) shipboard inventories aboard smaller combatant ships should be reported as operating materials and supplies in accordance with federal accounting standards.

    Agency: Department of Defense: Department of the Navy: Office of the Assistant Secretary of the Navy (Financial Management): Senior Civilian Official
    Status: Open

    Comments: Regarding the first part of this recommendation, Navy's procedures for financially reporting ammunition items deemed excess, obsolete, or unserviceable and ammunition items needing repair are not in compliance with federal accounting standards. The Statement of Federal Financial Accounting Standard Number 3 (SFFAS 3) states that excess, obsolete, and unserviceable operating material and supplies shall be valued at their net realizable value. The standard further states that repair costs for inventory held for repair must be accounted for and adjusted accordingly based on the method of accounting used. Specifically, for ammunition items needing repair, entities should revalue, or reduce, such items by the estimated repair costs for financial statement reporting purposes. However, the Navy is currently devaluing its excess, obsolete, and unserviceable ammunition to zero and reporting it as such on the financial statements. Further, although the Navy has identified an annual maintenance cost for ammunition items needing repair, the Navy currently does not devalue its ordnance, or ammunition, amounts by the estimated repair costs. The Navy contends that these are routine maintenance events and will elect to expense the ordnance maintenance cost as it is incurred in opposition to SFFAS 3. Regarding the second part of this recommendation, SFFAS 3 states that Operating Materials and Supplies (OM&S) should be accounted for using the consumption method; in that materials are to be reported as an asset until they are issued to an end user for consumption in normal operations, at which point they would be expensed. Navy acknowledges, in its fiscal year 2016 financial statements, that due to current system limitations, the consumption method of accounting for all of the Navy's OM&S is not feasible, although long-term efforts are underway to transition to the consumption method for the recognition OM&S expenses to address this previously identified material weakness. Until these efforts are completed, the Navy has granted the Fleet Forces Command and Pacific Fleet a waiver to account for OM&S utilizing the purchase method of accounting. Under the purchase method, the OM&S supplies are expensed upon purchase for the smaller combatant command ships, as opposed to federal accounting standards requiring them to be recognized as an asset on the balance sheet and then expensed when consumed in the normal course of operations. We will continue to follow-up on this recommendation and the related issues in future Navy Operating Material and Supplies audit work.