OIG Ongoing Work Status
(Updated as needed)
Inspection of FCC’s Management of the COVID-19 Telehealth Program (Project No. 24-INSP-09-01)
Project start date: June 28, 2024
The FCC OIG Office of Audits initiated an inspection to assess FCC’s management of the COVID-19 Telehealth Program. The Telehealth Program was established with the intent to help health care providers (HCPs) afford connected care services in response to the COVID-19 pandemic. The scope of this work will include the review of the rollover disbursements from Round 1 COVID-19 Telehealth Program and all Round 2 disbursements as of June 2024, administered by USAC.
The overall objective of this inspection is to determine whether the FCC effectively managed the COVID-19 Telehealth Program to ensure that telehealth funding was disbursed and used in accordance with applicable program enacting legislation and FCC orders. We will examine the FCC’s and USAC’s compliance with applicable orders and legislation related to the management and administration of the Telehealth program.
Audit of FCC’s Secure and Trusted Network/ Supply Chain Reimbursement Program (Project No. 24-AUD-06-02)
Project start date: May 17, 2024
The FCC OIG Office of Audits initiated an audit of FCC’s Secure and Trusted Network/Supply Chain Reimbursement Program (SCRP). SCRP was developed in accordance with the Secure and Trusted Communications Networks Act of 2019 to achieve the goal of replacing covered communications equipment and services that pose a threat to national security. The audit covers activities from the inception of the program from December 2021 through June 2024. The audit is being conducted in accordance with Government Auditing Standards.
The objectives are to: 1) determine whether the SCRP is effectively designed to comply with requirements of the Secure and Trusted Communications Networks Act of 2019; 2) determine whether implementation of the SCRP effectively ensures eligible program participants remove, replace, and dispose of the covered communications equipment and services that pose a threat to the nation’s communications network; and 3) determine whether performance measures for the SCRP are developed and monitored in accordance with the Government Performance and Results Act.
FY 2024 FCC Information Technology (IT) and Operational Technology (OT) Asset Management Evaluation (Project No. 24-EVAL-07-02)
Project start date: April 26, 2024
The FCC OIG Office of Audits contracted with an independent auditing firm to perform an evaluation of the FCC’s processes and controls for managing Information Technology (IT) and Operational Technology (OT) hardware and software assets. The Office of Management and Budget Memorandum M-24-04 (OMB M-24-04), Fiscal Year 2024 Guidance on Federal Information Security and Privacy Management Requirements, requires agencies to have a clear understanding of the devices connected within their information systems to gauge cybersecurity risk to their mission and operations.
The objectives are to: 1) determine if the FCC’s key processes and internal controls for identifying, tracking, prioritizing, and reporting IT and OT hardware and software assets are effective; and 2) assess whether the FCC’s IT and OT asset management practices comply with OMB M-24-04 and other applicable federal laws, regulations, and guidelines.
High Cost Universal Broadband (HUBB) Portal Data Audit, (Project No. 24-AUD-04-02)
Project start date: April 3, 2024
The FCC OIG Office of Audits contracted with an independent auditing firm to perform an audit on FCC’s administration of the High Cost Universal Broadband (HUBB) Portal Data. Since 2017, telecommunication carriers have been required to submit geo-located broadband data through the HUBB portal. The FCC and USAC utilize the data submitted to ensure that participating carriers are meeting broadband deployment obligations in accordance with FCC rules. The scope of audit work will include testing of broadband deployment data submitted in the HUBB Portal from inception through 2023.
The objectives are to determine: 1) the appropriateness of Universal Service Administrative Company (USAC’s) verification reviews of carriers participating in Connect America Fund (CAF) programs with defined broadband deployment obligations; and 2) the appropriateness of USAC’s performance measures testing to ensure compliance with the FCC’s Performance Measures Testing Framework.
FY 2024 Financial Statement Audit (Project No. 24-AUD-06-01) (Mandatory)
Project start date: February 28, 2024
The FCC OIG Office of Audits contracted with an independent auditing firm to conduct FCC’s FY 2024 Financial Statements Audit, due by November 15, 2024. This audit is required by the Accountability of Tax Dollars Act (ATDA) of 2002 (Public Law 107-289), and OMB Bulletin 24-01, Audit Requirements for Federal Financial Statements.
The objectives are to: 1) express an opinion on whether FCC’s fiscal year 2024 consolidated financial statements are presented fairly in all material respects in accordance with the generally accepted accounting principles; 2) assess the effectiveness of internal controls over financial reporting and compliance with laws and regulations; and 3) provide a basis for the Government Accountability Office (GAO) to determine the extent to which it can use this audit work in support of the GAO's annual audit of the U.S. Government-wide Financial Statements, of which the FCC is a component.
FY 2024 Federal Information Security Modernization Act Evaluation (Project No. 24-EVAL-05-01) (Mandatory)
Project start date: February 23, 2024
The FCC OIG Office of Audits contracted with an independent auditing firm to conduct the FY 2024 FISMA evaluation in accordance with the Federal Information Security Modernization Act (FISMA) (Public Law 113-283) and OMB M-24-04, FY 2024 Guidance on Federal Information Security and Privacy Management Requirements. The FY 2024 FISMA evaluation’s due date for the IG reporting metrics is July 31, 2024.
The objectives are to: 1) determine the effectiveness of information security policies, procedures, and practices for a representative subset of the Commission’s information systems; 2) determine compliance with FISMA and applicable Office of Management and Budget and National Institute of Standards and Technology guidance; 3) assess FCC’s responses to the Department of Homeland Security’s FY 2024 Inspector General FISMA Reporting Metrics; and 4) follow-up on findings and recommendations reported in previous FISMA evaluations.