Federal Reports

Our Objective(s)To determine whether (1) Charles E. Harris & Associates, Inc.’s (CEH) audit work complied with the Single Audit Act of 1984, as amended, the Office of Management and Budget's Uniform Guidance and the extent to which we could rely on the auditor's work on the U.S. Department of Transportation’s (DOT) major program, and (2) the Greater Dayton Regional Transit Authority’s (Authority) reporting package complied with the reporting requirements of the Uniform Guidance.About This ReportDuring the fiscal year that ended on December 31, 2022, the Authority expended approximately $39 million from DOT programs. CEH determined DOT’s major program was FTA’s Federal Transit Cluster. We performed a quality control review on the single audit conducted by CEH to ensure compliance with all Federal laws and regulations.What We FoundReview of Audit WorkCEH complied with the requirements of the Single Audit Act, the Office of Management and Budget's Uniform Guidance, and DOT’s major program.We found nothing to indicate that CEH's opinion on DOT's major program was inappropriate or unreliable.We identified deficiencies in CEH’s audit work that require correction in future audits.Review of Reporting PackageWe did not identify any deficiencies that required correction and resubmission.QCR RatingWe assigned CEH an overall rating of Pass with Deficiencies.

The SBIR and STTR Extension Act of 2022 reauthorized the Small Business Innovation Research (SBIR) and the Small Business Technology Transfer (STTR) programs. The Inspector General of a Federal agency that participates in the SBIR or STTR programs must submit an annual report to Congress describing its investigations involving those programs (15 U.S.C. Section 638b(c). Information in this report presents the OIG investigative information related to SBIR for FY 2024.

We summarized what we have determined to be the most significant management and performance challenges facing DOI for FY 2024.

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess the overall effectiveness of the Department of Housing and Urban Development’s information security (InfoSec) program, assess their compliance with Federal guidance, and respond to OMB reporting questions for the fiscal year 2024 annual assessment. HUD continued to take positive steps to improve its IT security posture. HUD improved its InfoSec program to maturity level 3, consistently implemented. However, at this level HUD’s InfoSec program is not considered effective. HUD’s InfoSec program scored a 3.08 for the core metrics and a 3.30 for the FY 2024 supplemental metrics, both of which were at maturity level 3, consistently implemented. HUD increased in maturity for 22 metrics and maintained the same maturity for the remaining 15 metrics. Notably, not only did HUD achieve maturity level 4, managed and measurable, for the first time and it did so in 14 metrics.

The CFTC OIG contracted with the independent public accounting firm of Williams, Adley & Company, LLP (Williams Adley) to audit the financial statements of the CFTC Customer Protection Fund (CPF) as of and for the fiscal years ended September 30, 2023, and 2024, to provide a report on internal control over financial reporting, report on compliance with laws and other matters, and provide an opinion on whether CFTC’s CPF financial management systems complied substantially with the requirements of the Federal Financial Management Improvement Act of 1996 (FFMIA).