Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: "Internal audits"

    20 publications with a total of 77 open recommendations including 15 priority recommendations
    Director: Timothy J. DiNapoli
    Phone: (202) 512-4841

    7 open recommendations
    Recommendation: To enhance management attention to closing out contracts, the Secretary of Defense should develop a means for department-wide oversight into components' progress in meeting their goals on closing contracts and the status of contracts eligible for closeout. (Recommendation 1)

    Agency: Department of Defense
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Secretary of Health and Human Services should develop a means for department-wide oversight into components' progress in meeting their goals on closing contracts and the status of contracts eligible for closeout. (Recommendation 2)

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Secretary of Homeland Security should develop a means, either at the agency or the component level, to track where the contracts are in the closeout process, and establish goals and performance measures for closing contracts. (Recommendation 3)

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Attorney General should direct the Senior Procurement Executive to ensure the development of a means to track data on the number and type of contracts eligible for closeout and where the contracts are in the closeout process, as well as a means to assess--at the agency or component level--progress by establishing goals and performance measures for closing contracts. (Recommendation 4)

    Agency: Department of Justice
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance management attention to closing out contracts, the Secretary of State should develop a means at the agency level to track data on the entirety of the number and type of contracts eligible for closeout, where the contracts are in the closeout process, and establish goals and performance measures for closing contracts. (Recommendation 5)

    Agency: Department of State
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To manage its incurred cost inventory, the Director, DCAA should assess and implement options for reducing the length of time to begin incurred cost audit work and establish related performance measures. (Recommendation 6)

    Agency: Department of Defense: Defense Contract Audit Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To manage its incurred cost inventory, the Director, DCAA should comprehensively assess the use and effect of multi-year audits on both DCAA and contractors and establish related performance measures. (Recommendation 7)

    Agency: Department of Defense: Defense Contract Audit Agency
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Maurer, Diana C
    Phone: (202) 512-8777

    1 open recommendations
    Recommendation: To better ensure that the FBI Laboratory obtains additional transcripts, the FBI Director should require that the FBI Laboratory's procedure for tracking and obtaining transcripts routinely captures and uses additional information and data critical to transcript acquisition, such as the reason a transcript is unavailable, when it is expected to be available, the court jurisdiction, and a point of contact for the transcript.

    Agency: Department of Justice: Federal Bureau of Investigation
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David C. Trimble
    Phone: (202) 512-3841

    6 open recommendations
    Recommendation: To allow DOE management to effectively monitor invoice reviews and have assurance that this control activity is operating as intended, the Secretary of Energy should establish a DOE-wide invoice review policy that includes requirements for sites to establish well-documented invoice review operating procedures.

    Agency: Department of Energy
    Status: Open

    Comments: DOE stated that it already has an established, detailed DOE-wide invoice review policy provided in DOE's Financial Management Handbook and in the DOE Acquisition Guide, and that they are updating the Financial Management Handbook to include additional procedures to address intra-governmental payment and collection transactions that they believe will allow the recommendation to be closed by September 30, 2017. However, DOE officials with the office of the CFO at DOE headquarters previously told us that they do not have department-wide invoice review policies and procedures, and that CFOs and contracting officials in DOE field offices are responsible to develop their own invoice review policies and procedures. In addition, we reviewed the Financial Management Handbook and the Acquisition Guide and found that these documents do not contain the detail necessary to serve as an invoice review policy. We will continue to review DOE's implementation of this recommendation to determine whether its actions meet the intent of the recommendation.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including creating a structure with a dedicated entity within DOE to design and oversee fraud risk management activities.

    Agency: Department of Energy
    Status: Open

    Comments: DOE considers this recommendation to be closed without corrective action. Instead of establishing a dedicated entity within DOE to design and oversee fraud risk management activities, DOE will rely on the existing Office of Financial Policy and Internal Controls and on the DOE Office of Inspector General (OIG)to design and oversee financial fraud risk management activities. We disagree that reliance on these offices meets best practices because neither office is solely dedicated to designing or overseeing fraud risk management activities. Furthermore, according the best practices in GAO's Fraud Risk Framework, the dedicated entity should not be the OIG.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including conducting fraud risk assessments that are tailored to each program and use the assessments to develop a fraud risk profile

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the substance of the recommendation; however they consider the recommendation to be closed without corrective action because its risk assessments meet the requirements of the Improper Payments Elimination and Recovery Improvement Act of 2012, as reported by the Office of Inspector General (OIG), and because it has implemented updates to OMB Circular A-123 that added requirements related to managing fraud risk and adherence to GAO's Fraud Risk Framework. However, we found that DOE has not conducted fraud risk assessments that are tailored to its programs and therefore do not allow the department to create a fraud risk profile. We also found that, although DOE updated its internal control assessment tools with a list of fraud risks as required by OMB Circular A-123, the list of risks were the same for all DOE sites and were not tailored to the sites' different programs.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including developing and documenting an antifraud strategy that describes the programs' approaches for addressing the prioritized fraud risks identified during the fraud risk assessment.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with this recommendation but considers the recommendation closed without corrective action because DOE has implemented the updated OMB Circular A-123 and because DOE's anti-fraud strategy is imbedded in the DOE internal control program. However, DOE officials told us that they have not developed or documented a DOE-wide antifraud strategy or directed individual programs to develop program-specific strategies. Furthermore, DOE's implementation of OMB Circular A-123 included adding a list of potential risks to their internal control assessment tool that were the same for all DOE sites and were not tailored to the sites' different programs.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including designing and implementing specific control activities, including fraud awareness training and data analytics, to prevent and detect fraud and other improper payments.

    Agency: Department of Energy
    Status: Open

    Comments: DOE believes that they are either implementing or have already implemented this recommendation and considers the recommendation closed without additional action. Specifically, DOE stated that the Office of Inspector General (OIG) already provides fraud awareness training and that the OIG provided expanded fraud risk training on June 12, 2017 through a CFO-hosted webinar. However, of the 10 field offices responsible for overseeing contractor costs, none required employees responsible for overseeing contractor costs to attend fraud awareness training.
    Recommendation: To help ensure that necessary data are available to employ data analytics as a tool to perform contractor cost-surveillance activities, the Secretary of Energy should require contractors to maintain sufficiently detailed transaction-level cost data that are reconcilable with amounts charged to the government, including (1) cost data that, at a minimum, represent a full data population and (2) the details necessary to determine the nature of each cost transaction, with such identifiers as transaction date, dollar amount, item or service description, and transaction codes to indicate the type of cost represented (e.g., construction materials, property lease, and office supplies).

    Agency: Department of Energy
    Status: Open

    Comments: DOE did not agree to implement this recommendation because they believe that the recommendation establishes agency-specific requirements for DOE contractors that are more prescriptive than current federal requirements. DOE states that they plan to evaluate the merits of government-wide guidance for applying data-analytics to contract costs only if an OMB working group--established as a requirement of the Fraud Reduction and Data Analytics Act of 2015 to promote interagency coordination on fraud reduction and data analytics--requires them to do so. However, the purpose of the working group is to share fraud management best practices. It is not an implementing body and agencies do not need its permission before proceeding with fraud risk reduction efforts.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    20 open recommendations
    including 12 priority recommendations
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Food, Nutrition, and Consumer Services to design policies and procedures to reasonably assure that all award recipients required to submit single audit reports do so in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Food, Nutrition, and Consumer Services did not comment on the recommendation directed to it. GAO believes the recommendation is valid as discussed in our report. In addition, Agriculture has not provided the 60 day letter in response to our recommendations. On July 27, 2017, the agency informed us that the delay is due to their response still needing to clear several approving offices. We have received no further status updates from Agriculture as to when we can expect to receive its 60 day letter. 31 U.S.C. 720 requires that the agency head submit a written statement of the actions taken by the agency on GAO's recommendations to selected congressional committees and GAO not later than 60 days after the date of our report.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Food, Nutrition, and Consumer Services to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Food, Nutrition, and Consumer Services did not comment on the recommendation directed to it. GAO believes the recommendation is valid as discussed in our report. In addition, Agriculture has not provided the 60 day letter in response to our recommendations. On July 27, 2017, the agency informed us that the delay is due to their response still needing to clear several approving offices. We have received no further status updates from Agriculture as to when we can expect to receive its 60 day letter. 31 U.S.C. 720 requires that the agency head submit a written statement of the actions taken by the agency on GAO's recommendations to selected congressional committees and GAO not later than 60 days after the date of our report.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Food, Nutrition, and Consumer Services to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Food, Nutrition, and Consumer Services did not comment on the recommendation directed to it. GAO believes the recommendation is valid as discussed in our report. In addition, Agriculture has not provided the 60 day letter in response to our recommendations. On July 27, 2017, the agency informed us that the delay is due to their response still needing to clear several approving offices. We have received no further status updates from Agriculture as to when we can expect to receive its 60 day letter. 31 U.S.C. 720 requires that the agency head submit a written statement of the actions taken by the agency on GAO's recommendations to selected congressional committees and GAO not later than 60 days after the date of our report.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Rural Development to design policies and procedures to reasonably assure that all award recipients required to submit single audit reports do so in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Rural Development (RD) concurred with this recommendation. An RD official stated that it will work with Agriculture's Office of the Chief Financial Officer and the program areas to develop policies and procedures to ensure that its award recipients are in compliance with Office of Management and Budget (OMB) guidance. RD stated that it will meet with each program area and discuss how single audits are processed and resolved. RD plans to develop policies and procedures for identifying all award recipients that should file single audit reports; determining if all required single audit reports are filed, received, and processed each year; and assuring that transmittal letters and management decisions contain the required elements and are issued timely in accordance with current OMB guidance. RD also stated that it will develop new policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach. We will assess these efforts once completed.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Rural Development to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Rural Development (RD) concurred with this recommendation. An RD official stated that it will work with Agriculture's Office of the Chief Financial Officer and the program areas to develop policies and procedures to ensure that its award recipients are in compliance with Office of Management and Budget (OMB) guidance. RD stated that it will meet with each program area and discuss how single audits are processed and resolved. RD plans to develop policies and procedures for identifying all award recipients that should file single audit reports; determining if all required single audit reports are filed, received, and processed each year; and assuring that transmittal letters and management decisions contain the required elements and are issued timely in accordance with current OMB guidance. RD also stated that it will develop new policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach. We will assess these efforts once completed.
    Recommendation: The Secretary of Agriculture should direct the Under Secretary for Rural Development to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Agriculture
    Status: Open

    Comments: The Department of Agriculture's (Agriculture) Under Secretary for Rural Development (RD) concurred with this recommendation. An RD official stated that it will work with Agriculture's Office of Chief Financial Officer and the program areas to develop policies and procedures to ensure that its award recipients are in compliance with Office of Management and Budget (OMB) guidance. RD stated that it will meet with each program area and discuss how single audits are processed and resolved. RD plans to develop policies and procedures for identifying all award recipients that should file single audit reports; determining if all required single audit reports are filed, received, and processed each year; and assuring that transmittal letters and management decisions contain the required elements and are issued timely in accordance with current OMB guidance. RD also stated that it will develop new policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Assistant Secretary for Financial Resources to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to the Assistant Secretary for Financial Resources (ASFR). HHS stated that it will enhance the Grants Policy Administration Manual (issued on December 31, 2015) to provide additional details regarding the elements to be included in the management decisions letters. ASFR stated that it will use its established Single Audit Resolution Workgroup, comprised of representatives from the HHS agencies who are responsible for single audit resolution activities, to continually evaluate and strengthen its relevant policies and procedures. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Assistant Secretary for Financial Resources to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendations to the Assistant Secretary for Financial Resources (ASFR). HHS stated that it is committed to ensuring that grantees submit single audits in a timely and complete manner and that its subagencies utilize the findings to ensure proper management of its grantees. HHS stated that ASFR is taking over the single audit assignment and tracking function from the OIG and that this realignment will allow HHS to better meet the requirements of the Uniform Guidance. HHS stated that it would continue to evaluate its policies and procedures to ensure compliance with regulations, particularly as ASFR takes over the single audit findings assignment and tracking function from the OIG. In addition, HHS stated that ASFR will work to develop policies and procedures that utilize a risk-based approach for high-risk and recurring single audit findings. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to revise its policies and procedures to take action to obtain single audit reports when award recipients did not submit reports within the required time frames.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to the Centers for Medicare and Medicaid Services (CMS). HHS stated that CMS has developed a Standard Operating Procedure (SOP) based on the Grants Policy Administration Manual (GPAM) issued December 31, 2015. The SOP is currently under review and will be implemented after approval and signature by CMS leadership. The SOP includes provisions for following up with entities that have delinquent audits. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to revise its policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Health and Human Services
    Status: Open
    Priority recommendation

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to the Centers for Medicare and Medicaid Services (CMS). HHS stated that it has developed a Standard Operating Procedure (SOP) based on the Grants Policy Administration Manual (GPAM) issued on December 31, 2015, and the draft Management Decision Letter (MDL) HHS guidelines document. In April 2017, HHS informed us that the SOP is under review and will be implemented after approval and signature by CMS leadership. The SOP includes management decision letter elements and the timely issuance of MDLs. We will assess these efforts once completed.
    Recommendation: The Secretary of Health and Human Services should direct the Administrator of the Centers for Medicare and Medicaid Services to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: The Department of Health and Human Services (HHS) concurred with this recommendation to CMS. HHS stated that CMS plans to update the 1982 Health Care Financing Administration Audit Resolution Manual and will work collaboratively with HHS to develop policies and procedures that utilize a risk-based approach for high-risk and recurring single audit findings. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Community Planning and Development to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Housing and Urban Development
    Status: Open
    Priority recommendation

    Comments: The Department of Housing and Urban Development's (HUD) Office of Community Planning and Development (CPD) disagreed with this recommendation, but we maintain that revisions to CPD's policies and procedures are warranted to help CPD comply with the Office of Management and Budget (OMB) guidance. CPD officials stated that it provided training on writing management decisions to all CPD field offices in March 2017 and plans to issue a reminder memorandum on management decisions to field offices. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Community Planning and Development to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: In April 2017, the Department of Housing and Urban Development's (HUD) Office of Community Planning and Development (CPD) stated that it planned to produce appropriate policies and procedures for risk rating single audit findings by the end of fiscal year 2017. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Public and Indian Housing to revise policies to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Housing and Urban Development
    Status: Open
    Priority recommendation

    Comments: The Department of Housing and Urban Development's (HUD) Office of Public and Indian Housing developed policies and procedures and conducted training for field offices relating to management decisions. We reviewed these policies and procedures and noted that they did not contain all of the required elements in accordance with the Office of Management and Budget guidance relating to management decisions. HUD officials stated that they will review the policies and procures and revise, if needed, to address our concerns. We will assess these efforts once completed.
    Recommendation: The Secretary of Housing and Urban Development should direct the Principal Deputy Assistant Secretary for the Office of Public and Indian Housing to design and implement policies and procedures for identifying and managing high-risk and recurring single audit findings using a risk-based approach.

    Agency: Department of Housing and Urban Development
    Status: Open

    Comments: The Department of Housing and Urban Development's (HUD) Office of Public and Indian Housing met with GAO on July 10, 2017, to discuss the status of this recommendation. The HUD officials at this meeting said the current language in their Independent Public Accountant (IPA) auditing standards addresses the GAO recommendation. However, we explained to the HUD officials at the meeting that the current language is insufficient to close the recommendation as it does not show evidence that HUD has designed or implemented policies and procedures for how HUD is identifying and managing high-risks. The HUD officials stated that they will give this recommendation more consideration and revise the standards and provide GAO with additional support to show what HUD has done to address this recommendation. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Highway Administration to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Highway Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Highway Administration to design and implement policies and procedures for identifying and managing recurring single audit findings using a risk-based approach.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Highway Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Transit Administration to design policies and procedures to reasonably assure that all award recipients required to submit single audit reports do so in accordance with OMB guidance.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Transit Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Transit Administration to revise policies and procedures to reasonably assure that management decisions contain the required elements and are issued timely in accordance with OMB guidance.

    Agency: Department of Transportation
    Status: Open
    Priority recommendation

    Comments: The Department of Transportation (DOT) agreed with our recommendations. DOT stated that it will, no later than December 31, 2017, instruct the Federal Transit Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Recommendation: The Secretary of Transportation should direct the Administrator of the Federal Transit Administration to design and implement policies and procedures for identifying and managing recurring single audit findings using a risk-based approach.

    Agency: Department of Transportation
    Status: Open

    Comments: The Department of Transportation (DOT) agreed with this recommendation. DOT stated that it will, no later than December 31, 2017, instruct the Federal Transit Administration to design, revise, and implement procedures to comply with federal grant and financial management requirements by September 30, 2019. We will assess these efforts once completed.
    Director: Heather Krause
    Phone: (202) 512-6806

    3 open recommendations
    Recommendation: To help ensure that FLETC builds and maintains capacity to achieve its mission with existing levels of resources over the longer-term, the Secretary of Homeland Security should direct the Director of FLETC to complete a revised strategic plan that encompasses the agency's long-term goals and objectives to address emerging challenges.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure that FLETC builds and maintains capacity to achieve its mission with existing levels of resources over the longer-term, as part of its strategic planning process, the Secretary of Homeland Security should direct the Director of FLETC to finalize the plan, including the steps and time frames, needed to further implement its Online Campus initiative.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure that ETA continues to have the capacity to achieve its mission and manage changes in demand for services resulting from changes in the broader economy, the Secretary of Labor should direct the Administrator of ETA to systematically gather and evaluate information on the challenges that states faced administering the unemployment insurance program during the recession that began in 2007--such as rapidly ramping up staffing at the start of the recession and ramping down as the economy recovered--and identify and build upon any lessons learned from this experience that could be broadly shared to help the program respond to any changes in workload during a future economic downturn.

    Agency: Department of Labor
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Beryl H. Davis
    Phone: (202) 512-2623

    11 open recommendations
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of CAS should develop a standardized checklist and document procedures in its internal guidance instructing negotiators to use the checklist during negotiation.

    Agency: Department of Health and Human Services: Division of Cost Allocation
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that its Cost Allocation Services (CAS) will update and complete standardized checklists and that staff will be instructed to use these checklists by December 31, 2016. We are currently reviewing support received from HHS to determine if we can close the recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of CAS should develop detailed internal guidance for the completion and documentation of supervisory review of the indirect cost rate negotiation process to provide reasonable assurance that key control activities have been performed by the negotiators.

    Agency: Department of Health and Human Services: Division of Cost Allocation
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that by December 31, 2016, its Cost Allocation Services (CAS) will establish a document outlining standardized review procedures for supervisory review of workpapers and rate agreements. We are currently reviewing support received from HHS to determine if we can close the recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of CAS should develop internal guidance for negotiating indirect cost rates with all types of research organizations, including hospitals, as well as universities using the simplified method.

    Agency: Department of Health and Human Services: Division of Cost Allocation
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that its Cost Allocation Services (CAS) will update internal guidance for negotiating indirect cost rates with universities using the simplified method by December 31, 2016. This guidance will include an example under the two types of direct cost bases, a salary and wage base and a modified total direct cost base. CAS will develop internal guidance for negotiating with hospitals as soon as possible. We are currently reviewing support received from HHS to determine if we can close the recommendation.
    Recommendation: As NIH-DFAS begins formalizing its internal guidance, the Director of NIH-DFAS should update internal guidance to include key characteristics, such as policy number, purpose of the policy, effective date, and approving official, that are normally included in formal policy and procedures.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health: Office of Management: Office of Acquisition and Logistics Management: Office of Acquisition Management and Policy: Division of Financial Advisory Services
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that by December 31, 2016, National Institute of Health's Division of Financial Advisory Services (DFAS) will update internal guidance to include key characteristics that are normally included in formal policy and procedures. NIH-DFAS has finalized three of the five polices, which are effective as of July 1, 2017. The remaining two policies will be finalized by August 31st, 2017. We will continue to monitor the status of this recommendation.
    Recommendation: As NIH-DFAS begins formalizing its internal guidance, the Director of NIH-DFAS should develop detailed procedures for the completion and documentation of supervisory review of the indirect cost rate negotiation process to provide reasonable assurance that key control activities have been performed by the negotiator.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health: Office of Management: Office of Acquisition and Logistics Management: Office of Acquisition Management and Policy: Division of Financial Advisory Services
    Status: Open

    Comments: HHS concurred with this recommendation. In response, HHS stated that the National Institute of Health's Division of Financial Advisory Services (DFAS), will develop detailed procedures for the completion and documentation of supervisory review of the indirect cost rate negotiations process. NIH-DFAS has developed draft internal guidance to address the supervisory review of the indirect cost negotiation process. NIH-DFAS plans to finalize these procedures by August 31, 2017. We will continue to monitor the status of this recommendation.
    Recommendation: As NIH-DFAS begins formalizing its internal guidance, the Director of NIH-DFAS should establish a mechanism for tracking key milestones in the indirect cost rate-setting process, such as when indirect cost rate proposals are due.

    Agency: Department of Health and Human Services: Public Health Service: National Institutes of Health: Office of Management: Office of Acquisition and Logistics Management: Office of Acquisition Management and Policy: Division of Financial Advisory Services
    Status: Open

    Comments: HHS concurred with this recommendations. In response, HHS stated that National Institute of Health's Division of Financial Advisory Services (DFAS) will establish a mechanism for tracking key milestones in the indirect cost rate-setting process. NIH-DFAS has initiatives underway that include moving from paper to electronic submissions of indirect cost proposals and developing a replacement to its Commercial Rate Agreement Distribution Services website. DFAS is looking into the feasibility of incorporating key milestones into these two major initiatives. NIH-DFAS is currently working with a contractor to develop a web based system that will establish a tracking system to account for when indirect cost proposal are due from organizations. The original initiative to enable the electronic submission of indirect cost proposals was modified to incorporate this new requirement. NIH-DFAS anticipates the planned date for implementation of this system to be October 1, 2017. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should implement the May 2014 policy requiring an annual review of guidance so that internal guidance is updated when changes are made to applicable regulations and procedures to reasonably assure that the guidance reflects current requirements.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research (ONR) will comply with its requirement for an annual review of its internal policy on negotiating indirect costs. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should include in its internal guidance acceptable Defense Contract Audit Agency (DCAA) audit completion time frames and identify supplemental procedures to be performed by negotiators if DCAA cannot perform its audits timely or if DCAA issues a qualified opinion or rescinds one of its previously issued audit opinions, to reasonably assure that the indirect cost rate proposal has been adequately reviewed and the negotiated rate complies with applicable regulations.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research's (ONR) internal guidance will be updated to provide more realistic audit report due dates and will include general procedures to be performed by negotiators in the case of untimely audits, qualified opinions, or rescinded opinions. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should develop detailed procedures for the completion and documentation of supervisory review of the indirect cost rate negotiation process to provide reasonable assurance that required certifications and assurances are obtained and follow-up with the research organization is documented.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD partially concurred with this recommendation. DOD did not agree that the Office of Naval Research (ONR) lacks procedures to ensure supervisors confirm that negotiators adequately performed and documented key controls. DOD noted that both the primary and secondary supervisors are required to review and approve the Business Clearance Memorandum, which records steps performed by the negotiator. While we agree that the Business Clearance Memorandum documents steps performed by the negotiator, these steps are documented at a high level and do not include detailed procedures for supervisors to follow to reasonably assure that the negotiator has performed and documented all key control activities, such as obtaining all required certifications and assurances. DOD agreed in its response that ONR's Business Clearance Memorandum can be improved and stated that ONR will update it to require the negotiator to cross-reference the review steps to the proposal to facilitate the supervisor's review process. However, it is not clear whether the planned Business Clearance Memorandum revisions will include providing detailed procedures for supervisory review as we recommended. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should finalize and issue internal guidance for negotiating indirect cost rates with universities and nonprofit organizations, including establishing a time frame for issuance of the internal guidance, to help ensure that the procedures are implemented in a timely manner.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research (ONR) is currently updating its internal guidance and currently plans to issue this guidance by December 31, 2016. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Recommendation: To improve the design of internal controls over the indirect cost rate-setting process, the Director of ONR should update ONR's existing process for tracking key milestones in the indirect cost rate-setting process to include information such as when indirect cost rate proposals are overdue and when DCAA's audit reports are due.

    Agency: Department of Defense: Department of the Navy: Office of Naval Research
    Status: Open

    Comments: DOD concurred with this recommendation. In response, DOD stated that the Office of Naval Research will update its existing processes for tracking key milestones to include information such as due dates for rate proposals and DCAA audit reports. As of June 15, 2017, no updated information has been provided by the Department of Defense. We will continue to monitor the status of this recommendation.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    7 open recommendations
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prepare a level I quantitative drilldown in accordance with the FIAR Guidance.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to prepare a quantitative drilldown. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prioritize audit readiness efforts for the key FBWT systems, prepare an audit strategy that identifies for each system (1) the Navy's plan for assessing the system to gain assurance that the system can be relied on; (2) the assessment types, including prioritizing the assessments based on qualitative and quantitative factors for each system; and (3) planned start and completion dates of these assessments for each system.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to prioritize audit readiness efforts for key FBWT systems. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prepare, in accordance with FIAR Guidance, the documentation of control activities and information technology general computer controls for significant systems; system certifications or accreditations; system, end user, and systems documentation locations; and hardware, software, and interfaces.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to document control activities, information technology general computer controls for significant systems, systems documentation locations, and hardware, software, and interfaces. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to prepare an internal control assessment document for each assessable unit, summarizing control activities that are appropriately designed and in place.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to prepare an internal control assessment document. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to perform sufficient testing for supporting documentation to reasonably determine whether such documentation, including that for key reconciliations, is available in a sustainable manner for future audit efforts.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to test the effectiveness of Fund Balance with Treasury controls, which includes assessing the availability of supporting documentation. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to, for each fiscal year expected to be under audit, identify and address unusual and invalid transactions, abnormal balances, and missing data fields in the universe of collection and disbursement transactions.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendation and stated that it has actions planned, taken, or under way to obtain monthly data from Defense Finance and Accounting Service on invalid Fund Balance with Treasury transactions. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Recommendation: To improve the Navy's implementation of the FIAR Guidance for its General Fund FBWT FIP and facilitate efforts to achieve SBR auditability, the Secretary of the Navy should direct the Assistant Secretary of the Navy, Financial Management and Comptroller, to update FBWT data flowcharts and narratives to fully describe the flow of data from the Navy's receipt of collection and disbursement transaction information through the financial statement line items, including the reversal of general ledger trial balance data generated by the automated system and other entries made within Defense Departmental Reporting System - Budgetary.

    Agency: Department of Defense: Department of the Navy
    Status: Open

    Comments: The Navy concurred with this recommendations and stated that it has actions planned, taken, or under way to develop procedures and documentation that describe the processes associated with the flow of data. In August 2017 we contacted the Navy POC and requested an update on the status of this recommendation.
    Director: Dawn B. Simpson
    Phone: (202) 512-3406

    1 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary to develop and implement procedures to determine whether user accounts already exist before establishing or recertifying user accounts in the Governmentwide Treasury Account Symbol Adjusted Trial Balance System or Governmentwide Financial Report System.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury agreed that this recommendation remained open. Treasury plans to implement processes to validate new users who do not already have an existing account in the Governmentwide Treasury Account Symbol Adjusted Trial Balance System (GTAS) or the Governmentwide Financial Report System (GFRS); and to ensure that users do not have conflicting roles or privileges. We will follow-up on progress made by Treasury as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.
    Director: Andrew Sherrill
    Phone: (202) 512-7215

    2 open recommendations
    Recommendation: To enhance consistency with DOL policy and procedures in adjudicating EEOICPA Part E claims, the Secretary of Labor should strengthen internal controls by requiring district offices to take steps to ensure that all claimant correspondence for Recommended and Final Decisions receives supervisory review.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor agreed with our recommendation that a second level review will provide a higher degree of internal quality control. However, upon evaluating our recommendation, Labor determined that given its current staffing levels it would not be possible to conduct a supervisory review of all Recommended and Final Decisions without having an adverse impact on the issuance of timely decisions for claimants. Instead, Labor is implementing a process to review a sample of decision letters - initially 10 percent - and make procedural adjustments based on the results of those reviews. We will revisit the status of this recommendation pending the results of Labor's supervisory reviews of selected decision letters.
    Recommendation: To enhance consistency with DOL policy and procedures in adjudicating EEOICPA Part E claims, the Secretary of Labor should strengthen internal controls by requiring district offices to document that the SEM was checked for updates just prior to issuing a Recommended Decision to deny a claim in cases in which the date of the last SEM update has not changed since the claims examiner's prior check.

    Agency: Department of Labor
    Status: Open

    Comments: The Department of Labor agreed with our recommendation pertaining to documenting searches of the Site Exposure Matrix during claims processing. Labor stated that it has implemented the recommendation by updating relevant guidance in the Federal EEOICPA Procedure Manual. We will update the status of this recommendation pending verification that the Procedure Manual was revised to require claims examiners to document that, before denying a claim they checked the Site Exposure Matrix to ensure pertinent information had not changed since the examiner's prior check.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    1 open recommendations
    including 1 priority recommendation
    Recommendation: To help meet its financial management improvement and audit readiness goals, the Secretary of Defense should direct the Under Secretary of Defense (Comptroller) to reconsider the status of the three panel recommendations that DOD classified as met that we determined were partially met and take the necessary actions to reasonably assure that these recommendations have been met.

    Agency: Department of Defense
    Status: Open
    Priority recommendation

    Comments: In September 2015, we reported that DOD had completed action on 6 of the Committee Panel's 29 recommendations. However, we disagreed with DOD's reported status of met for 3 other recommendations related to (1) attestations on audit readiness to be included in each of the Financial Improvement and Audit Readiness (FIAR) Plan Status Reports; (2) inclusion of FIAR-related goals in Senior Executive Service performance plans, and rewarding and evaluating performances over time based on those goals; and (3) the review of audit readiness assertions by component senior executive committees. In response to our recommendation, in its November 2015 FIAR Plan Status Report, DOD revised the implementation status for these three recommendations from met to partially met and gave further consideration to actions needed to reasonably assure whether the recommendations had been met. In its May 2016 FIAR Plan Status Report DOD stated that it had completed corrective action on one of these three Committee Panel recommendations and reported actions on the other two recommendations as partially met. As of May 2017, DOD reported that its actions for all three Congressional Panel recommendations met those recommendations. However, DOD had not yet identified a method to reward executives based on evaluated performance on FIAR-related goals. In addition, DOD needs to continue to state in each FIAR Plan Status Report whether DOD is on track to be audit ready as of September 30, 2017. Therefore, as of August 30, 2017, this recommendation was still open.
    Director: Asif A. Khan
    Phone: (202) 512-9869

    1 open recommendations
    Recommendation: To improve the quality of DOD's financial statement audits and ensure that corrective actions to address audit recommendations are fully and effectively implemented prior to their closure, the Department of Defense Inspector General should ensure that Marine Corps corrective actions fully address audit recommendations and document auditor review of the actions taken before closing the related recommendations.

    Agency: Department of Defense: Office of the Inspector General
    Status: Open

    Comments: Our follow up in fiscal year 2015 was limited to a request for a documented process the DOD-IG may have developed and implemented to ensure all control issues detailed in the NFRs have been fully resolved; related corrective action plans were relevant and reviewed consistently and adequately; and the IPA/DOD-IG reviews were documented as part of the NFR review process. DOD-IG was not able to provide such documentation to support the statement provided in its response to our recommendation at the time the report was issued. Consequently, there was no documentation for us to review. In August 2017, we contacted the DOD-IG and requested an update on the status of efforts to address this recommendation. Also, per the contract with an IPA for the USMC's fiscal year 2017 financial statement audit, the IPA is to follow up on status of efforts to address prior year recommendations.
    Director: David C. Trimble
    Phone: (202) 512-3841

    5 open recommendations
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and direct field office sites with responsibility for non-M&O contractor risk assessments to address risk factors as they relate to those sites and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal year 2015 and 2016 improper payments guidance. The revised guidance directs field office sites with responsibility for non-M&O contractor risk assessments to address risk factors as they relate to those sites. The guidance further requires each site Chief Financial Officer to certify to the accuracy of improper payments and risk rating. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and clarify how payment sites are to address risk factors and document the basis for their risk rating determinations and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal years 2015 and 2016 improper payments guidance requiring sites to prepare risk assessments using a new risk assessment format. The guidance states that the new format was developed to improve consistency among the sites and improve documentation supporting the risk ratings. In the new format, each risk factor includes a description of the risk factor, rating criteria and/or questions to consider during the evaluation to assist sites in determining a risk rating by payment type. The guidance also requires all sites to maintain supporting documentation for their risk assessment. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and clarify who is responsible at DOE for reviewing and approving risk assessments for consistency across sites and take steps to ensure those entities implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal years 2015 and 2016 improper payments guidance to require site Chief Financial Officers and the Director of Risk Management of the Loan Programs Office to provide a signed certification to DOE's Director of the Office of Finance and Accounting certifying to the accuracy of improper payments and the risk assessment and rating submitted. The guidance provides templates for these certifications. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To help improve its ability to assess the risk of improper payments and make more effective use of DOE and contractor resources, the Secretary of Energy should direct the department's Chief Financial Officer to revise the department's IPERA guidance and provide specific examples of other risk factors that present inherent risks likely to contribute to significant improper payments, in addition to the eight risk factors, direct payment sites to consider those when performing their improper payment risk assessments, and take steps to ensure sites implement it.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had revised its fiscal year 2015 and 2016 improper payments guidance. In addition to the required OMB risk factors, the guidance added the following additional risk factors to be included in the risk assessments: (1) contractor payment processing oversight and (2) segregation of duties. The guidance states these factors have been added to ensure that inherently high-risk areas that can contribute to a site's susceptibility to significant improper payments are properly evaluated. We will continue to monitor DOE's efforts to ensure sites implement this new guidance.
    Recommendation: To provide better transparency regarding its total known improper payments reported under IPERA, the Secretary of Energy should direct the department's Chief Financial Officer to improve public reporting on the amount of total known improper payments by disclosing additional information regarding this amount and the extent to which improper payments could be occurring.

    Agency: Department of Energy
    Status: Open

    Comments: As of May 2017, DOE had added supplemental information to its fiscal year 2016 Agency Financial Report. We will continue to gather additional information from DOE to determine the extent to which this information addresses the amount of total known improper payments.
    Director: Chris P. Currie
    Phone: (404) 679-1875

    1 open recommendations
    Recommendation: To enhance the Secretary of Homeland Security's ability to assess national preparedness and provide management oversight of federal interagency efforts to close previously identified capability gaps, the Secretary of Homeland Security should direct the Administrator of FEMA--in coordination and collaboration with the National Security Council Staff and other federal departments and agencies--to collect information on and regularly report to the Secretary the status of federal interagency implementation of corrective actions identified (1) through prior national-level exercises and (2) following real-world incidents, specifically major disasters.

    Agency: Department of Homeland Security
    Status: Open

    Comments: In November 2016, FEMA officials reported that the agency had developed an approach for collecting and reporting on the status of federal interagency corrective actions from Level I disasters to add to the current practice of reporting on national level exercises. According to officials, the proposed approach was under review and the agency plans to coordinate with the other federal departments and agencies before submitting their proposal to DHS for final approval. In August 2017, FEMA's National Preparedness Directorate reported an expected completion date of December 29, 2017. Pending completion of this effort, this recommendation remains open.
    Director: Cary B Russell
    Phone: (202) 512-5431

    1 open recommendations
    Recommendation: To help DOD to improve the overall management of shipping containers for current and future contingencies, and to more fully incorporate recommendations into its policy and guidance and to ensure that improvements to container management will be sustained for future contingencies, the Secretary of Defense should develop a comprehensive list of recommendations made by DOD agencies and other organizations, and make the information available for policymakers to incorporate, as appropriate, into new or existing container-management policy and guidance. DOD could use our work as a starting point for this assessment.

    Agency: Department of Defense
    Status: Open

    Comments: DOD concurred with our recommendation and requested that GAO provide a listing of the recommendations we identified during this review to use as a starting point for its assessment. After we provided the listing of 95 recommendations, DOD added an additional 7 recommendations DOD identified through an independent assessment from the Institute for Defense Analysis. DOD then reviewed each of the recommendations for Departmental-level policy and guidance implications. As a result, after we completed our review in 2014, the Department has been making improvements in container management. For example, according to a DOD official, the department is revising DOD Instruction 4500.57, "Transportation and Traffic Management" to include specific container management responsibilities for combatant commanders, provisions for use of intermodal containers during contingency operations, container management definitions, and policy on use of the Joint Container Management System. Additionally, the Campaign Plan for Global Distribution 9033 is being revised to require each geographic combatant command to publish a Theater Distribution Plan and provides a standardized template to promote uniformity. Finally, according to DOD officials, the Universal Services Contract for sealift includes provisions for container detention and buyouts that are more favorable to the Government in reducing detention costs. As of September 2017, DOD has made progress toward implementation. For example, the department revised DOD Instruction 4500.57 "Transportation and Traffic Management" in March 2017 and included specific container management responsibilities for combatant commanders, provisions for use of intermodal containers during contingency operations, container management definitions, and policy on use of the Joint Container Management System. Also, DOD updated the Universal Services Contract 8 in January 2016 with provisions such as lower container buyout costs that are more favorable to the government in reducing costs than the contract from the prior year. Currently, the department's draft global campaign plan that includes commanders' responsibilities for managing containers is awaiting final approval. GAO is awaiting additional information from DOD such as other provisions in the container management contract that will assist the government in reducing costs, and final approval of DOD's plan.
    Director: Malenich, J Lawrence
    Phone: (202) 512-3406

    2 open recommendations
    Recommendation: The CFPB should direct the Chief Financial Officer to design and implement control procedures that require coordination between the Office of Procurement and other program offices at the time of capitalization to ensure that property and equipment costs, including costs associated with internal-use software, are properly capitalized or expensed as appropriate.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: Although CFPB took actions to attempt to address this recommendation, as of September 30, 2016, it was still in the process of implementing additional corrective actions. In addition, our fiscal year 2016 audit continued to identify deficiencies over the recording of property, equipment, and software costs. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Recommendation: The CFPB should direct the Chief Financial Officer to strengthen the design and implementation of control procedures to require, as part of the Office of the Chief Financial Officer's quarterly review procedures, review of underlying supporting documents, including tracking schedules, invoices, and obligating documents, to ensure that property and equipment transactions are properly identified and capitalized or expensed as appropriate.

    Agency: Consumer Financial Protection Bureau
    Status: Open

    Comments: As of September 30, 2016, we continued to find that the Office of the Chief Financial Officer's review was not always effective in timely detecting and correcting classification errors between costs that should be capitalized and costs that should be expensed. We will continue to evaluate CFPB's actions to address this recommendation during our fiscal year 2017 financial statement audit.
    Director: Khan, Asif A
    Phone: (202) 512-9869

    2 open recommendations
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense, in his capacity as the Chief Management Officer and in consultation with the Under Secretary of Defense (Comptroller), to design and implement department-level policies and detailed procedures for FIAR Plan risk management that incorporate the five guiding principles for effective risk management. The following are examples of key features of each of the guiding principles that DOD should, at a minimum, address in its policies and procedures. (1) Identify risks. Generate a comprehensive and continuously updated list of risks that includes the root cause of each risk, audit area(s) each risk will affect, and the potential consequences if a risk is not effectively mitigated. (2) Analyze risks. Consult with key stakeholders, including program managers; use analytical techniques, such as risk categorization, risk urgency assessment, or sensitivity analysis; and determine the impact of the identified risks on individual DOD components' abilities to achieve audit readiness. (3) Plan for risk mitigation. Assign responsibility or ownership of the risk mitigation actions, define roles and responsibilities in executing mitigation plans, establish deadlines or milestones for individual mitigation actions, and estimate resource needs. (4) Implement risk mitigation plan. Document the implementation of mitigation actions, develop appropriate metrics that allow for tracking of progress, and validate reported metrics. (5) Monitor risks. Track identified risks and assess the effectiveness of implemented mitigation actions on a continuous basis, including identifying and planning for new risks.

    Agency: Department of Defense
    Status: Open

    Comments: DOD partially concurred with our recommendation. While DOD did concur with our assessment that they did not have a risk management policy and procedures related to implementing the FIAR guidance. They did not concur with our assessment of the overall environment of DOD's risk management of the FIAR initiative. DOD has taken steps to address our recommendation including implementing an NFR tracker and standard operating procedures designed to track DOD component material weaknesses. DOD has also documented a critical path and milestones in Appendix F of their FIAR Guidance; military component tasks and milestones in appendix G of the FIAR Guidance; and audit readiness deal breakers, now referred to as critical capabilities. However, while these are positive actions, they do not address our recommendation for DOD to implement risk management policies and procedures for FIAR implementation. Further, DOD has not provided GAO with evidence of planned actions it summarized in its agency comments. Specifically, DOD has not provided documentation related to (1) improving risk management documentation, (2) reinstating the DOD probability and impact matrix, and (3) re-evaluation of metrics to monitor progress and risk of audit readiness. Lastly, DOD's tracking of military component material weaknesses does not identify risks to audit readiness, or the agencies capabilities to manage risks to audit readiness. According to the May 2017 FIAR Status Update for the HASC Panel Recommendations, DOD has reinforced the importance of internal controls over areas of significant risk by updating the FIAR Guidance with a new chapter dedicated to internal controls. DOD has also changed how they respond to recommendation follow-up by way of the Washington Headquarters Service (WHS). We are currently waiting for a POC to be assigned. We will continue to evaluate the status of actions to address this recommendation.
    Recommendation: The Secretary of Defense should direct the Under Secretary of Defense, in his capacity as the Chief Management Officer and in consultation with the Under Secretary of Defense (Comptroller), to consider and incorporate, as appropriate, the Navy's and DLA's risk management practices in department-level policies and procedures.

    Agency: Department of Defense
    Status: Open

    Comments: DOD has changed how they respond to recommendation follow-up by way of the Washington Headquarters Service (WHS). We are currently waiting for a POC to be assigned. We will continue to evaluate the status of actions to address this recommendation.
    Director: Trimble, David C
    Phone: (202) 512-3841

    1 open recommendations
    Recommendation: To help improve its ability to oversee M&O contractor costs, including indirect costs, for its laboratories and make more effective use of DOE and contractor resources, the Secretary of Energy should take--or, as appropriate, direct the Administrator of NNSA to incorporate more specific benchmarking requirements into future laboratory contracts--similar to the benchmarking requirements used by DOE to assess and manage pension and post-retirement benefit costs--including which costs should be benchmarked, how frequently benchmarking should occur, and what process should be used to ensure corrective actions are taken, as needed.

    Agency: Department of Energy
    Status: Open

    Comments: In April 2017, the Director of NNSA Office of Policy issued guidance to NNSA Laboratory Field Office Managers to update contracts to include a new clause requiring laboratory contractors to submit a strategic plan every year in accordance with guidance. Part of the annual plan requires contractors to discuss the costs of doing business and cost-increase factors at the sites, including overhead dollars. The annual strategic plan is due to the NNSA Office of Policy by August 15 each year. This plan is expected to allow NNSA to conduct the benchmarking activities recommended by our report, which can then be considered in current and future laboratory contracts.
    Director: Goldstein, Mark L
    Phone: (202)512-3000

    3 open recommendations
    Recommendation: To improve internal controls over the E-rate program, the Federal Communications Commission should, based on the findings of the risk assessment, conduct a thorough examination of the overall design of E-rate's internal control structure to ensure that the procedures and administrative resources related to internal controls are aligned to provide reasonable assurance that program risks are appropriately targeted and addressed.

    Agency: Federal Communications Commission
    Status: Open

    Comments: In April 2014, FCC approved USAC's hiring of a contractor to conduct a risk assessment of the E-rate program. FCC plans to implement this recommendation after the risk assessment is completed and the results of the risk assessment can be used to inform the examination of the internal control structure.
    Recommendation: To improve internal controls over the E-rate program, the Federal Communications Commission should implement a systematic approach to assess internal controls that appropriately considers the results of beneficiary audits and that is supported by a documented and approved set of policies and procedures.

    Agency: Federal Communications Commission
    Status: Open

    Comments: In April 2014, FCC approved the hiring of a contractor to conduct a risk assessment of the E-rate program. In July 2014, an FCC official said that the agency planning to take action on this recommendation before the risk assessment is completed.
    Recommendation: To improve internal controls over the E-rate program, the Federal Communications Commission should develop policies and procedures to periodically monitor the internal control structure of the E-rate program, including evaluating the costs and benefits of internal controls, to provide continued reasonable assurance that program risks are targeted and addressed.

    Agency: Federal Communications Commission
    Status: Open

    Comments: In April 2014, FCC approved the hiring of a contractor to conduct a risk assessment of the E-rate program. In July 2014, an FCC official said that the agency planning to take action on this recommendation before the risk assessment is completed.
    Director: Clark, Cheryl E
    Phone: (202)512-9521

    1 open recommendations
    Recommendation: The Commissioner of IRS should direct the appropriate IRS officials to, once IRS identifies the control weaknesses that result in inaccuracies or errors that affect the financial reporting of unpaid tax assessments, implement control procedures to routinely prevent, or to detect and correct, such errors.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: IRS created a long-term corrective action plan that contains specific actions to improve control procedures to prevent or detect errors. While IRS completed some actions during fiscal year 2016, it has not completed most of the actions in the plan or documented milestones or target completion dates for these remaining actions. In addition, during fiscal year 2016, GAO and IRS continued to identify misclassified unpaid assessments that resulted from inaccuracies or errors in taxpayer accounts. Thus, IRS's actions to date have not been effective at fully addressing the issues that continue to cause a lack of transaction traceability and material inaccuracies produced by the subsidiary ledger. We will continue to evaluate IRS's actions to address this recommendation during our fiscal year 2017 audit.
    Director: Engel, Gary T
    Phone: (202)512-8815

    1 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of the Treasury should direct the Fiscal Assistant Secretary, working in coordination with the Controller of OMB's Office of Federal Financial Management, to establish effective processes and procedures to ensure that appropriate information regarding litigation and claims is included in the governmentwide legal representation letter.

    Agency: Department of the Treasury
    Status: Open
    Priority recommendation

    Comments: As of the completion of our fiscal year 2016 consolidated financial statements (CFS) audit, Treasury and OMB agreed that this recommendation remained open. Treasury and OMB plan to leverage the existing schedules to the legal representation letters to perform analytics on the items below the threshold to determine the materiality at the aggregate level. We will follow-up on progress made by Treasury and OMB as part of our fiscal year 2017 CFS audit, which is ongoing as of March 2017.