Office of Inspector General

Semiannual Report to Congress

October 1, 2013-March 31, 2014

OIG VISION

Agents Igniting Change and Fostering Accountability, Effectiveness, and Efficiency in Government.

OIG MISSION

The OIG's mission is to detect and prevent waste, fraud and abuse and to promote economy, efficiency, and effectiveness in Agency programs and operations

Milton A. Mayo Jr.
Inspector General

 

---

CONTENTS

A Message from the Inspector General

Executive Summary

Introduction

The Audit and Evaluation Program
Completed Projects
New and Ongoing Audit and Evaluation Projects
Audit Follow-Up

The Investigation Program
Investigative Inquiries
Completed Investigative Activities
Ongoing Investigative Activities

Other OIG Program Activities

Appendixes
Appendix I. Final Office of Inspector General Audit and Evaluation Reports
Appendix II. Index of Reporting Requirements
Appendix III. Single Audit Act Reports

A MESSAGE FROM THE INSPECTOR GENERAL

In accordance with the Inspector General Act of 1978, as amended, I herewith submit the semiannual report for the period October 1, 2013, through March 31, 2014, which summarizes the major activities of our office for the reporting period. Section 5 of the Inspector General Act requires the Chair to transmit this report to the appropriate committees or subcommittees of Congress within 30 days of its receipt.

During this period, the Office of Inspector General (OIG) issued five final audit/evaluation reports, completed one investigation, and received 284 investigative inquiries, of which 114 were charge processing issues, 124 were Title VII complaints, and 46 were other investigative allegations.

The OIG staff remains resolute in our commitment to our mission and the U.S. Equal Employment Opportunity Commission's efforts to achieve justice and equality in the workplace.

As always, we appreciate the support and cooperation of Chair Jacqueline A. Berrien, the Commissioners, and employees of the Commission.

Respectfully,

Milton A. Mayo Jr.
Inspector General
April 30, 2014

EXECUTIVE SUMMARY

This semiannual report is issued by the Equal Employment Opportunity Commission's (EEOC's) Office of Inspector General (OIG) pursuant to the Inspector General Act of 1978, as amended. It summarizes the OIG's activities and accomplishments for the period October 1, 2013, through March 31, 2014.

During this period, the OIG issued five final audit/evaluation reports, completed one investigation, and received 284 hotline inquiries, of which 114 were charge processing issues, 124 were Title VII complaints, and 46 were investigative allegations.

The OIG's completed, newly initiated, and ongoing audit, evaluation, and investigative projects include the following:

• In connection with the FY 2013 financial statement audit, HRK issued a management letter that identified several areas where internal controls should be strengthened. The Management Letter Report was issued on January 31, 2014.
• Brown & Company completed the OIG's independent evaluation of the Agency's information technology security program and compliance with the Federal Information Security Management Act of 2002 (FISMA) for FY 2013. Brown & Company concluded that the Agency has made positive strides over the last year in addressing information security weaknesses and continues to make progress in becoming fully FISMA compliant. However, the Agency still faces challenges in fully implementing information security requirements.
• The OIG reported to the Office of Management and Budget (OMB) on the Agency's progress in implementing recommendations relating to the Agency's charge card program. In accordance with the audit and reporting requirements of the Charge Card Abuse Prevention Act of 2012 (Charge Card Act), the OIG noted that none of the 10 recommendations from the FY 2013 performance audit of the charge card program had been implemented.
• HRK began the FY 2014 financial statement audit of the EEOC. An entrance conference was held on March 6, 2014. This year represents the final option year of the OIG's contract with HRK, and the OIG is preparing a new request for proposals to obtain bids to conduct the 2015 financial statement audit.
• The OIG carried out a performance audit of the Agency's personnel security program to ensure that EEOC has implemented personnel security policies and procedures that are in accordance with Office of Personnel Management guidelines and the Code of Federal Regulations.
• Ongoing investigations continue in several field offices involving ethics violations, conflicts of interest, fraud, mismanagement, falsification of government records, and impersonation of a Federal official, misuse of travel and purchase cards, and theft.

INTRODUCTION

The Equal Employment Opportunity Commission

The Equal Employment Opportunity Commission (EEOC) is the Federal agency responsible for enforcement of Title VII of the Civil Rights Act of 1964, as amended; the Equal Pay Act of 1963; the Age Discrimination in Employment Act of 1967; Section 501 of the Rehabilitation Act of 1973 (in the Federal sector only); Title I of the Americans with Disabilities Act of 1990 and Americans with Disabilities Act Amendments Act of 2008; the Civil Rights Act of 1991; the Lilly Ledbetter Fair Pay Act of 2009; and the Genetic Information Nondiscrimination Act of 2008 (P.L. 110-233 Stat 881), also referred to as GINA. These statutes prohibit employment discrimination based on race, sex, color, religion, national origin, age, disability, or genetic information.

The EEOC is also responsible for carrying out Executive Order 12067, which promotes coordination and minimizes conflict and duplication among Federal agencies that administer statutes or regulations involving employment discrimination.

The EEOC is a bipartisan commission composed of five presidentially appointed members, including a Chair, a Vice Chair, and three Commissioners. The Chair is responsible for the administration and implementation of policy and for the financial management and organizational development of the Commission. The Vice Chair and the Commissioners equally participate in the development and approval of the policies of the EEOC, issue charges of discrimination where appropriate, and authorize the filing of lawsuits. Additionally, the President appoints a General Counsel, who is responsible for conducting litigation under the laws enforced by the Commission.

The Office of Inspector General

The U.S. Congress established the Office of Inspector General (OIG) at the EEOC through the 1988 amendments to the Inspector General Act of 1978, which expanded the authority of designated Federal entities to create independent and objective OIGs. Under the direction of the Inspector General (IG), the OIG meets this statutory responsibility by conducting and supervising audits, evaluations, and investigations relating to the programs and operations of the Agency; providing leadership and coordination; and recommending policies for activities designed to promote economy, efficiency, and effectiveness in the administration of programs and operations.

In October 2008, Congress passed the Inspector General Reform Act of 2008, which generally buttressed the independence of IGs, increased their resources, and held them more accountable for their performance. The OIG is under the supervision of the IG, an independent EEOC official subject to the general supervision of the Chair. The IG must not be prevented or prohibited by the Chair or any other EEOC official from initiating, carrying out, or completing any audit, investigation, evaluation, or other inquiry or from issuing any report.

The IG provides overall direction, coordination, and leadership to the OIG; is the principal advisor to the Chair in connection with all audit and investigative matters relating to the prevention, identification, and elimination of waste in any EEOC program or operation; and recommends the proper boundaries of audit and investigation jurisdiction between the OIG and other EEOC organizations. The IG also develops a separate and independent annual budget for the OIG; responds directly to inquiries from the public, Congress, or the news media; and prepares press releases, statements, and other information about the OIG's activities.

The Deputy Inspector General (DIG) serves as the alter ego of the IG and participates fully in policy development and in management of the diverse audit, investigation, evaluation, and support operations of the OIG.

The Counsel to the Inspector General (CIG) is the sole legal advisor in the OIG. The CIG provides day-to-day guidance to the OIG's investigation team and is the primary liaison with Agency legal components and the Department of Justice.

In addition to these positions, the OIG staff includes a chief technology officer, an evaluator, two auditors, two criminal investigators, an administrative specialist, and a confidential support assistant.

The OIG was recently granted authority to hire and is currently recruiting to fill the positions of the DIG and a staff auditor. It is anticipated that these positions will be filled during the third quarter of FY 2014.

During this reporting period, the OIG continued updating its information technology infrastructure. All aspects of our infrastructure development are documented in our Information Technology Work Plan (ITWP). The ITWP links directly with the office's Information Technology Strategic Plan. The ITWP will guide OIG efforts in planning future IT evaluation and audit projects as well as internal OIG IT infrastructure initiatives.

The OIG strategically incorporates technology to improve its business processes, practices, planning, collaboration, and products rather than adopting new and emerging technologies simply because they are deemed to be on the leading edge.

Work currently under way includes the following:

• The OIG's newly designed website is in the final phase of development. The new website will be used as a mechanism to provide: (1) greater transparency in the operations of the OIG by enhancing access to audit and evaluation reports and other public documents; (2) an improved electronic portal for the public to use in reporting fraud, waste, and abuse; and (3) a medium to implement the use of social media to enhance our ability to reach and inform our stakeholders about the OIG's vision, mission, and operations. The website is currently under final design review and testing. The launch of the new website is scheduled for the fourth quarter of FY 2014.
• The OIG is transferring its information systems into a Federal Risk and Authorization Management Program (FedRAMP)-approved cloud. We are in the initial phases of choosing a contractor to migrate our systems to the cloud. Planning for this endeavor is scheduled to be completed by June 2014, and full implementation should be completed by the first quarter of fiscal year 2015.
• Work on the implementation of OIG's automated audit tracking system (AutoAudit) has been put on hold until OIG completes its infrastructure migration.

THE AUDIT AND EVALUATION PROGRAM

The Audit and Evaluation Program supports the OIG's strategic goal to improve the economy, efficiency, and effectiveness of EEOC programs, operations, and activities.

 

 

 

COMPLETED PROJECTS

Audit of the EEOC's Fiscal Year 2013 Financial Statements (OIG Report No. 2013-FIN-01)

The independent certified public accounting firm of Harper, Rains, Knight & Company, P.A. (HRK), audited the financial statements of the EEOC for FY 2013. HRK issued an unmodified opinion on EEOC's FY 2013 financial statements. In the firm's Report on Internal Control over Financial Reporting, HRK noted one area involving internal control and its operation that was considered to be a significant deficiency. This included the lack of sufficient controls over supporting documentation for personnel expenses. In the Report on Compliance with Applicable Laws and Regulations, HRK noted no instances of noncompliance with laws and regulations applicable to the Agency. The report was issued by the OIG on December 16, 2013.

Management Letter Report for FY 2013 Financial Statement Audit (OIG Report No. 2013-02-FIN)

On January 31, 2014, the OIG issued the Management Letter Report for the FY 2013 financial statement audit prepared by Harper, Rains, Knight & Company, P.A. (HRK). Internal control weaknesses were identified in the following areas:

• Lack of sufficient controls over supporting documentation for personnel expenses
• Inaccurate reconciliation of data
• Inaccurate recording of depreciation
• Lack of documented management review
• Budget object class misclassifications
• Inaccurate and incomplete property information
• Deficiencies in EEOC's charge card policies and procedures and internal controls

HRK recommended the following:

• EEOC should update its controls over the maintenance of its official personnel files. Additionally, management should perform a thorough review of employees' personnel files to ensure that documentation is current and complete.
• EEOC should work toward prompt resolution of these differences, as this is an essential component of financial data integrity, and its absence compromises the integrity of the financial reporting.
• EEOC should update the FCS software to calculate depreciation on a monthly basis.
• EEOC management should consistently review and approve all documents as prescribed by its policies and procedures.
• EEOC should discontinue its use of a "zero" object class when recording transactions.
• EEOC should ensure that its property records contain accurate and complete property information. A review should be conducted at least annually, but preferably semiannually.
• EEOC should determine controls to prevent waste, fraud, and misuse in the credit card program. On an annual basis, EEOC should review and update the Charge Card Program Guide for substantial changes. Additionally, EEOC should monitor the controls to ensure that they are working effectively.

Management agreed with the findings and recommendations. HRK will perform procedures in FY 2014 to determine whether EEOC's corrective action plans adequately address the recommendations.

Independent Evaluation of EEOC's Compliance with the Provisions of the Federal Information Security Management Act of 2002

For FY 2013, the EEOC OIG contracted with Brown & Company CPAs, PLLC, to conduct an independent evaluation of EEOC's compliance with the provisions of the Federal Information Security Management Act of 2002 (FISMA). FISMA requires agencies to develop, document, and implement an agency-wide information security program to protect the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.
Based on the results of its evaluation, Brown & Company concluded that the Agency has made positive strides over the last year in addressing information security weaknesses and continues to make progress in becoming fully FISMA compliant. However, the Agency still faces challenges in fully implementing information security requirements as stipulated in various federal guidelines and mandates. Brown & Company listed in its report the following areas of concern:

• Implementation of a continuous monitoring policy and procedures
• Improvement to the physical access security controls for headquarters and the alternate telecom site
• Improvement to the configuration management policies and procedures
• Implementation of multifactor authentication for physical and logical access
• Resolution of internal vulnerability assessment results

Agency Compliance with the Federal Managers' Financial Integrity Act

Agency policy directive EEOC Order 195.001 Management Accountability and Controls requires the OIG to annually provide a written advisory to the head of the Agency regarding whether the management control evaluation process complied with OMB guidelines. The OIG issued its annual report to the Chair on December 11, 2013, validating the Agency's compliance with the Federal Managers' Financial Integrity Act (FMFIA). To make this determination, the OIG reviewed the following:

• Assurance statements submitted by headquarters and district office directors attesting that their systems of management accountability and control were effective and that use of resources under their control was consistent with the Agency's mission and in compliance with the laws and regulations set out in FMFIA
• All functional area summary tables and functional area reports submitted by headquarters and field offices
• The Office of Research, Information and Planning's (ORIP's) FY 2013 FMFIAAssurance Statement and Assurance Statement Letter, with supporting documents

The OIG concluded that the Agency's management control evaluation was conducted in accordance with OMB's standards and concurred with ORIP's assertion that the Agency had no material weaknesses during the reporting cycle.

Report on Agency Progress in Implementing Charge Card Abuse Prevention Act of 2012

In accordance with the audit and reporting requirements of the Charge Card Abuse Prevention Act of 2012 (Charge Card Act), on January 30, 2014, the OIG reported to OMB that none of the 10 recommendations from OIG's performance audit of the charge card program (Report No. 2012-08-PURCH) had been closed. The OIG intends to conduct additional testing during the FY 2014 financial statement audit and work with the Agency's audit follow-up official to address these recommendations.

NEW AND ONGOING AUDIT AND EVALUATION PROJECTS

FY 2014 Audit of the Consolidated EEOC Financial Statements

The OIG contracted with Harper, Rains, Knight & Company, P.A., to perform the 2014 financial statement audit of EEOC, which is required by the Accountability of Tax Dollars Act of 2002. An entrance conference was held on March 6, 2014. Fieldwork is ongoing, and issuance of the audit opinion is expected by November 15, 2014, to meet OMB's deadline and be included in the Agency's 2014 Performance and Accountability Report. Additionally, the auditor will issue a Management Letter Report identifying any internal control weaknesses shortly thereafter.

Improper Payments Reporting for FY 2013

The OIG has requested information from EEOC management to assist in identifying and reporting erroneous or improper payments relating to FY 2013. The Improper Payment Information Act (IPIA) of 2002, as amended by the Improper Payments Elimination and Recovery Act (IPERA) of 2010, requires agencies to estimate and report on improper payments, and agency actions to reduce them, to the President and Congress. This year, IPERA requires the OIG to determine and report, by April 15, 2014, whether the Agency is in compliance with IPIA.

Cooperative Audit Resolution and Oversight Initiative

The OIG continued work on its Cooperative Audit Resolution and Oversight Initiative (CAROI), launched in 2012, and continues to achieve improvements in its relationship with the auditees and Agency audit follow-up officials. These improvements have resulted in the closure of a number of unresolved audit recommendations, better communication among participants in the Audit Follow-up Program, improved accuracy in audit follow-up reporting, and better overall implementation of the audit follow-up process. An advisory report on CAROI, originally scheduled for the third quarter of FY 2013, is now planned for the third quarter of FY 2014.

Open Government and Transparency Progress Review

On December 8, 2009, OMB issued Memorandum M10-06, known as the "Open Government Directive" (OGD). It requires executive agencies to take specific actions to implement the three principles of transparency, participation, and collaboration that form the cornerstone of open government set forth by the President. On July 15, 2011, the OIG issued a management advisory on EEOC's Open Government activities. The OIG's progress review focuses on EEOC Open Government and related activities from July 16, 2011, to the present. During September 2013, EEOC circulated, within the Agency, a draft update to its Open Government Plan. Once the OIG has reviewed the final plan, we will issue our progress report.

Evaluation of Outreach and Education

The objective of this evaluation is to assess the efficiency and effectiveness of EEOC's Outreach and Education program. The OIG met with key headquarters personnel who are knowledgeable about Outreach and Education and gathered background information about the program. The OIG will award a contract for the evaluation, with work to commence the fourth quarter of FY 2014.

Performance Audit of the Agency's Personnel Security Program.
The OIG is conducting  a performance audit of the Agency's personnel security program. The objective of this audit is to ensure that EEOC has implemented a personnel security program that adheres to the policies and procedures required by the Office of Personnel Management and the Code of Federal Regulations. The OIG contracted with Williams Adley & Company-DC, LLP, to conduct the performance audit, and a final report will be issued during the fourth quarter of FY 2014.

Windows XP Security and Desktop Migration

Microsoft Windows XP is the official operating system for the Agency's computers. On April 8, 2014, Microsoft will discontinue its support of XP. Entities still using Windows XP after that date will no longer receive support from Microsoft for security updates that protect computers from unauthorized attacks, harmful viruses, etc. The EEOC plans to continue using Windows XP until the fall 2014, at which time it is scheduled to complete its migration to the Windows 7 operating system, which is supported by Microsoft. During the interim, the Agency's Office of Information Technology (OIT) plans to implement compensating security controls to minimize the risk of the Agency's continued use of the Windows XP operating system. The OIG is conducting a review of the OIT's progress associated with the migration to Windows 7, and the implementation of those compensating security controls for Windows XP.

AUDIT FOLLOW-UP

Audit follow-up is an integral part of good management and is a shared responsibility of Agency management officials and auditors. Corrective action taken by management to resolve findings and recommendations is essential to improving the effectiveness and efficiency of Agency operations.

Section 5(a)(1) of the Inspector General Act of 1978, as amended, requires that semiannual reports include a summary description of significant problems, abuses, and deficiencies relating to the Agency's administration of programs and operations disclosed by the OIG during the reporting period. Five new reports were issued during this reporting period (October 1, 2013-March 31, 2014); three of those reports contained findings.

Reports Issued During This Reporting Period

Fiscal Year	Report Number	Report Title	Date Issued
2013	2013-FIN-01	FY 2013 Financial Statement Audit of the EEOC	12/16/2013
2013	2013-02-FIN	FY 2013 Management Letter Report	01/31/2014
2013	2013-05-FISMA	FY 2013 FISMA Report	12/05/2013
2013	2014-01-CARD	Report to OMB on Agency Progress in Implementing Charge Card Abuse Prevention Act of 2012	01/30/2014
2013	2013-07-AIC	Agency Compliance with the Federal Managers' Financial Integrity Act (FMFIA)	12/11/2013

As required by Section 5(a)(3) of the Inspector General Act of 1978, as amended, semiannual reports shall provide an identification of each significant recommendation described in previous semiannual reports on which corrective action has not been completed. OIG staff met with Agency follow-up officials in March 2014. The OIG is reporting a total of 13 reviews with a total of 37 open recommendations for this reporting period. The following table shows those recommendations for which corrective actions have not been completed.

 Recommendations for Which Corrective Actions Have Not Been Completed

Fiscal year	Report number	Report title	Date issued
2013	2012-09-REV	Review of Evaluations	04/09/2013
Open Recommendations: EEOC should further standardize intake procedures across field offices. EEOC should document criteria for determining Category C charges. EEOC should continue efforts to develop a national approach for addressing systemic discrimination. EEOC should continue to review the range of information obtained during intake interviews and how it is stored in IMS. EEOC should investigate the merits of expanding the information it obtains related to hiring and terminations.

 

Fiscal year	Report number	Report title	Date issued
2013	2012-01-FIN	FY 2012 Financial Statement Audit Report	11/16/2012
Open Recommendations: EEOC should update controls over maintenance of personnel files and perform a thorough review of employees' personnel files to insure that documentation is current and complete. EEOC should document and monitor implementation of all complementary user control considerations. EEOC should implement stringent reconciliation and resolution procedures for the reconciliation of management reports and sub-ledgers to FCS general ledger data.

 

Fiscal year	Report number	Report title	Date issued
2013	2012-03-FISMA	FY 2012 Federal Information Security Management Act Report	11/14/2012
Open Recommendations: EEOC should implement multifactor authentication for network access to non-privileged and privileged accounts. EEOC management should ensure that all network users have read and signed acknowledgment of receipt of the Information Security Responsibilities of EEOC System Users and that forms are managed in a centralized location. EEOC management should revise the Agency's policy to correctly reflect the entire severity rating list published by the United States Computer Emergency Readiness Team (US-CERT).

 

Fiscal year	Report number	Report title	Date issued
2013	2012-02-FIN	FY 2012 Financial Statement Management Letter Report	12/19/2012
Open Recommendations: EEOC should document and monitor implementation of all complementary user control considerations. EEOC should implement stringent reconciliation and resolution procedures for reconciliation of management reports and sub-ledgers to FCS general ledger data. EEOC should calculate and record depreciation in FCS on a monthly basis.

 

Fiscal year	Report number	Report title	Date issued
2013	2012-10-PMEV	Evaluation of EEOC's Performance Measures	03/21/2013
Open Recommendations: EEOC should expand the new Strategic Enforcement Plan (SEP) requirement for quarterly reviews to include not only SEP progress reflected in the latest EEOC performance reports. EEOC management would likely benefit considerably from the implementation of quarterly data-driven reviews such as those required by large Federal agencies. EEOC should provide Commissioners and managers with easy access to relevant disaggregation of outcome values. Outcome data would be broken out by such characteristics as priority level, industry, and key characteristics of charging parties.

 

Fiscal year	Report number	Report title	Date issued
2013	2012-08-PURCH	Performance Audit of EEOC Charge Card Program	03/28/2013
Open Recommendations: EEOC should perform further analysis on the government charge card operations to identify all the controls that should be implemented per OMB directives, including the identification of procedures performed using the new accounting system (FCS) as well as the current duties of personnel interacting with the system. Specifically, EEOC should meet with all process lead personnel to determine what controls are or should be in place to ensure that fraud, waste, abuse, and misuse are not present in the charge card program; identify all requirements in OMB Circular A-123, Appendix B, and determine the procedures necessary to comply with the requirements; and ensure that policies and procedures are reviewed on an annual basis, or more frequently if substantial changes have occurred in EEOC's systems or laws and regulations have been issued, to ensure that policies and procedures are appropriate for the current environment. EEOC should develop a system to (1) identify and track all charge card activity, including open accounts, closed accounts, cardholder approver levels, and cardholder training; (2) perform an evaluation of service providers' controls over the charge card program to ensure that controls are appropriate and operating effectively; and (3) monitor all controls, whether performed at EEOC or at a service provider, at least annually, to ensure that controls remain adequate and continue to operate effectively. EEOC should develop policies and procedures to identify and track all cardholder-required training. Documentation should be maintained following National Archives and Records Administration (NARA) requirements for cardholders who have successfully completed training requirements. EEOC should develop controls over the retention of application documents for charge card accounts. EEOC should monitor controls over transaction approval, whether performed at EEOC or at a service provider. EEOC should implement policies and procedures regarding record retention for purchase and travel card transactions. EEOC should improve controls over the closure of charge card accounts. The Purchase Card Program Manager should maintain documentation of all account closures, electronically or in hard copy, including the name of the DRM or the Agency's Organizational Program Coordinators who received the employee's charge card, the date the card was turned in, the date of card destruction, and the date confirmation of account closure was received from the charge card vendor. EEOC should develop and implement policies to require reviews of total cardholder activity to ensure compliance with monthly spending authority for all cardholders. Documentation of authority to exceed cardholders' spending limits should be maintained by management. Penalties for exceeding authorized spending limits should be established and enforced. EEOC should develop and implement policies and procedures to use data mining to monitor charge card activity. EEOC should consider supplementing the listing of disallowed merchant category codes used by the charge card vendor with additional disallowed codes based on EEOC's policies on purchase and travel expenses.

 

Fiscal year	Report number	Report title	Date issued
2012	2011-05-FISMA	Federal Information Security Management Act Report	11/17/2011
Open Recommendations: EEOC should implement multifactor authentication for network access to non-privileged and privileged accounts.

 

Fiscal year	Report number	Report title	Date issued
2010	2010-04-FIN	FY 2010 Financial Statement Audit Management Letter Report	02/07/2011
Open Recommendations: EEOC should implement and document the implementation of all applicable client control considerations provided by the service provider. The documentation should be readily available for review and shared with all relevant EEOC offices.

 

Fiscal year	Report number	Report title	Date issued
2010	2010-07-FISMA	Federal Information Security Management Act Report	11/01/2010
Open Recommendations: EEOC should implement multifactor authentication.

 

Fiscal year	Report number	Report title	Date issued
2009	2009-05-FIN	FY 2009 Financial Statement Audit Management Letter Report	01/12/2010
EEOC should ensure that all users' accounts are assigned to a unique individual; ensure that all data network and e-mail accounts are created and authorized in accordance with EEOC policies and procedures; disable network and e-mail accounts that have not been used within 30 days, as mandated by the Office of Information Technology's (OIT's) controls for creating, changing, and terminating system accounts policy; ensure that all offices comply with the required annual user account confirmation procedures listing within the EEOC OIT policy on creating, changing, and terminating system accounts. (Finding repeated in FY 2010 management letter.) EEOC should update the network vulnerability scan policies and procedures to ensure that the volume of medium- and high-risk vulnerabilities identified as a result of scanning is in accordance with industry standards. (Finding repeated in FY 2010 management letter.) EEOC management should develop and implement policies and procedures for outsourced applications to ensure that application security violations are appropriately reviewed and reported. (Finding repeated in FY 2010 management letter.)

 

Fiscal year	Report number	Report title	Date issued
2008	2008-12-AEP	FY 2008 Independent Audit of EEOC Privacy Program	09/30/2008
Open Recommendations: EEOC should continue with the planned action to implement two-factor authentication together with the implementation of badges per Homeland Security Presidential Directive 12.

 

Fiscal year	Report number	Report title	Date issued
2008	2008-03-AMR	Oversight of Federal Agency Reporting Management Directive 715 (MD-715) and Related Topics	09/26/2008
Open Recommendations: EEOC should require Federal agencies to submit Part G of their Equal Employment Opportunity assessment with their annual MD-715 submissions.

 

Fiscal year	Report number	Report title	Date issued
2008	2007-11-RFPERF	Performance Audit of the Equal Employment Opportunity Commission's Education, Training, and Technical Assistance Program Revolving Fund	08/26/2008
Open Recommendations: EEOC should approve the establishment of the EEOC Training Institute Steering Committee. EEOC should update the Revolving Fund Business Plan to reflect the Agency's strategic direction, vision, and goals over the next three to five years. EEOC should seek professional assistance to develop a more effective budgeting method to project financial information in order to plan training events and monitor goals.

As required by Section 5(a) (10) of the Inspector General Act of 1978, as amended, semiannual reports shall include a summary of each audit report issued before the start of the reporting period for which no management decision has been made by the end of the reporting period. The OIG has no audit or evaluation reports that were issued before the reporting period began for which no management decision has been made.

 

THE INVESTIGATION PROGRAM

The Investigation Program supports the OIG's strategic goal to focus limited investigative resources on issues that represent the greatest risk and offer the maximum opportunity to detect and prevent fraud, waste, and abuse in EEOC programs and operations.

 

INVESTIGATIVE INQUIRIES

COMPLETED INVESTIGATIVE ACTIVITES

Purchase Card Fraud

The OIG completed the investigation of an employee who made personal purchases using a government Citibank purchase card. During the investigation, the OIG found that beginning on or about November 23, 2011, and continuing through August 28, 2013, the employee, while acting in her official capacity, purchased American Express Gift Cards with the government purchase card under the pretence of paying for authorized Agency litigation services. The employee used fraudulent obligation documents, invoices, and receipts to cover up a scheme to defraud EEOC of $59,000. Over the course of the employee's scheme, she used government funds to purchase a total of 23 American Express Gift Cards, which were used to make payments on a timeshare, vacations, a car, phone service, and storage, as well as numerous local retail purchases.

The employee has been charged with theft/embezzlement of $59,000 from the EEOC purchase card program. The employee is awaiting arraignment, indictment, and trial. The OIG is referring this matter to the EEOC's Office of General Counsel (OGC) for civil remedies to recover the funds.

ONGOING INVESTIGATIVE ACTIVITES

The OIG has ongoing investigations in several field offices involving ethics violations, conflicts of interest, fraud, mismanagement, falsification of government records, impersonation of a Federal official, misuse of travel and purchase cards, theft of government property, misuse of computers, and threats against the Agency.

OTHER OIG PROGRAM ACTIVITIES

Peer Review of EEOC Audit Organization

The National Labor Relations Board (NLRB) Office of Inspector General completed a peer review of the audit organization of the EEOC OIG for the three-year period ended March 31, 2011. The EEOC OIG received a rating of "pass,"which is the highest peer-review rating, signifying that the EEOC OIG's system of quality control was suitably designed to provide reasonable assurance of performing and reporting in conformity with applicable professional standards. A copy of the NLRB system review report is available on our Website at http://www.eeoc.gov/eeoc/oig//peer_review.cfm. The audit organization of the EEOC OIG will be undergoing its next peer review during the third quarter of FY 2014. The review will be conducted by the U.S. Postal Regulatory Commission.

 

APPENDIX I. FINAL OFFICE OF INSPECTOR GENERAL AUDIT AND EVALUATION REPORTS

Report Title	Date Issued	Questioned Costs	Funds Put to Better Use	Unsupported Costs
FY 2013 FISMA Report	12/05/13	$0	$0	$0
Agency Compliance with the Federal Managers' Financial Integrity Act (FMFIA)	12/11/13	$0	$0	$0
FY '13 Financial Statement Audit of the EEOC	12/16/13	$0	$0	$0
Report to OMB on Agency Progress in Implementing Charge Card Abuse Prevention Act of 2012	1/30/2014	$0	$0	$0
FY '13 Management Letter Report	1/31/2014	$0	$0	$0

---

APPENDIX II. INDEX OF REPORTING REQUIREMENTS

Inspector General Act citation	Reporting requirements	Page
Section 4(a)(2)	Review of Legislation and Regulations	N/A
Section 5(a)(1)	Significant Problems, Abuses, and Deficiencies	10-24
Section 5(a)(2)	Recommendations with Respect to Significant Problems, Abuses, and Deficiencies	10-13
Section 5(a)(3)	Significant Recommendations Included in Previous Reports on Which Corrective Action Has Not Been Completed	16-21
Section 5(a)(4)	Matters Referred to Prosecutorial Authorities	N/A
Section 5(a)(5)	Summary of Instances Where Information Was Refused	N/A
Section 5(a)(6)	List of Audit Reports	25
Section 5(a)(7)	Summary of Significant Reports	10-13
Section 5(a)(8)	Questioned and Unsupported Costs	25
Section 5(a)(9)	Recommendations That Funds Be Put to Better Use	25
Section 5(a)(10)	Summary of Audit Reports Issued Before the Commencement of the Reporting Period for Which No Management Decision Has Been Made	22
Section 5(a)(11)	Significant Management Decisions That Were Revised During the Reporting Period	N/A
Section 5(a)(12)	Significant Management Decisions with Which the Office of Inspector General Disagreed	N/A

---

APPENDIX III. SINGLE AUDIT ACT REPORTS

The Single Audit Act of 1984 requires recipients of Federal funds to arrange for audits of their activities. Federal agencies that award these funds must receive annual audit reports to determine whether prompt and appropriate corrective action has been taken in response to audit findings. During the reporting period, the OIG reviewed three audit reports issued by public accounting firms concerning Fair Employment Practice Agencies (FEPAs) that have work-sharing agreements with EEOC. There were no audit findings for the FEPAs that involved EEOC funds.

SINGLE AUDIT ACT REPORTS

State of Colorado (Revised), June 30, 2012	State of Wisconsin, June 30, 2012
State of Alaska (Revised), June 30, 2012

 

---

EEOC-OI The Hotline

The EEOC Hotline Program was established for Agency employees, other Government employees, contractors, and the general public to report fraud, waste, abuse, or wrongdoing by phone, e-mail, or by mail.

What Should you Report

You should report any concern you may have over a situation in which EEOC is the potential victim of fraudulent acts by employees, contractors, or others. It includes any violations of laws, rules, regulations, gross mismanagement, gross waste or misappropriation of funds, and abuses of authority.

OIG Hotline Contact Information

Call:
EEOC-OIG Hotline
Toll-free 1-800-849-4230

E-Mail:
E-Mail address INSPECTOR.GENEREL@EEOC.GOV

Write:
Equal Employment Opportunity Commission
Office of Inspector General
PO Box 77067
Washington, DC 20013-7067

Identities of Writers, E-mailers, and Callers are always Fully Protected