oversight

before the Subcommittee on Labor, Health and Human Services, Education and Related Agencies, Committee on Appropriations, US House of Representatives, on the FY 2001 budget request for the OIG on March 28, 2000 PDF

Published by the Department of Education, Office of Inspector General on 2000-03-28.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

            Statement of


         LORRAINE LEWIS


       INSPECTOR GENERAL
U.S. DEPARTMENT OF EDUCATION




              Before the
    SUBCOMMITTEE ON LABOR,
  HEALTH AND HUMAN SERVICES
          AND EDUCATION


     Committee on Appropriations
United States House of Representatives


              Regarding


  PROPOSED FISCAL YEAR 2001
         BUDGET REQUEST
          MARCH 28, 2000
Mr. Chairman and Members of the Committee:

      Thank you for the opportunity to discuss our Fiscal Year (FY) 2001 budget

request to support salaries and expenses of the Department of Education's Office of

Inspector General.

I would like to submit my statement for the record and present a short summary of it to

the Subcommittee.

                             PURPOSE OF OPERATIONS

      The Office of Inspector General (OIG) was created under the Inspector General

Act of 1978, as amended, to prevent and detect fraud, waste and abuse and improve

the economy, efficiency and effectiveness of Education Department (ED) programs and

operations. As the Inspector General I am statutorily responsible for the work of the

OIG, including the audits of the Department-wide financial statements and the separate

financial statements of the performance-based organization, Student Financial

Assistance (SFA). These responsibilities are carried out by staff in headquarters and in

regional offices and under contracts administered by the OIG staff.

                             FY 2001 BUDGET REQUEST

      ED’s FY 2001 budget request for the OIG is $36.5 million, a net increase of $2.5

million above the 2000 appropriation. The request supports 285 full-time equivalent

positions, the same staffing level as 2000. Approximately $1.2 million of the increase

will support personnel costs, including annualization of the 2000 pay raise averaging 4.8

percent, the proposed 3.7 percent government-wide 2001 pay raise, and increased

employee benefits. The remaining increase balance of $1.3 million will cover primarily

the increased cost to contract for the audits of the Department-wide financial statements

and the separate SFA financial statements and our increased share of the Department’s

                                            1
overhead costs for services such as rent, ADP processing, contracts and

communications.

                          SIGNIFICANT ACCOMPLISHMENTS

    I would like to highlight a few examples of the significant accomplishments of this

office to demonstrate the type of efforts we have undertaken and plan to continue to

take with the appropriation the Congress provides.

•   We issued the audit reports on the Department’s FY 1999 consolidated financial

    statements and the SFA financial statements by the March 1 statutory reporting

    date. I am committed to achieving the March first deadline in the future for the

    audits of both sets of financial statements. Ernst & Young, LLP (E&Y) conducted the

    audits under contract with ED OIG. E&Y issued a qualified opinion for both the

    Department and SFA on the balance sheet, statement of net cost, statement of

    changes in net position, and statement of budgetary resources. E&Y disclaimed an

    opinion for both the Department and SFA on the statement of financing. A qualified

    opinion on four of the statements is an important improvement over FY 1998, which

    were disclaimers of opinion on all five of the statements. For FY 1999, there were

    four material weaknesses and four reportable conditions included in the auditor’s

    report on the Department’s internal controls and four material weaknesses and three

    reportable conditions in the report on SFA’s internal controls.

•   In February 2000 we issued an audit report on the Department’s security policies

    and plans for its mission-critical systems. Our review revealed that the Department

    has significant control weaknesses including a lack of security plans and reviews for

    six mission-critical systems, no process to ensure resolution of identified security

    deficiencies and a lack of technical security training for many employees responsible

                                             2
    for overseeing the Department’s computer security. The Department agreed with

    our findings and is making progress on taking corrective action. We are now

    conducting a follow-up audit to determine the adequacy of security reviews

    performed on eight mission-critical systems and we are evaluating the public,

    internal and privileged access vulnerabilities of the Department's EDNET

    communication infrastructure. We plan additional reviews of security controls for

    other systems in the future.

•   On March 6, in an investigation that is continuing, one individual pled guilty to a one-

    count information of conspiracy to misapply federal Pell Grant funds. The loss

    resulting from the conspiracy is approximately $1.4 million. The investigation

    revealed that employees of a trade school took part in a scheme that involved

    creating false documents for non-existent or non-eligible students. The school for

    which these individuals worked lost its eligibility to participate in the federal

    Guaranteed Student Loan program due to its high default rate.

•   Last year, we reported to you on a long and complex OIG investigation we

    conducted with several other law enforcement agencies. This investigation recently

    culminated in guilty verdicts by a Federal jury in White Plains, New York. Four

    defendants were found guilty in an 11-week trial of conspiracy, wire fraud and mail

    fraud in connection with the theft of millions of government dollars, including 11

    million dollars in Pell Grants for ineligible persons. I am proud to announce that our

    agents received government-wide recognition from the President’s Council on

    Integrity and Efficiency for their efforts on that successful investigation.

                     FY 2001 PERFORMANCE GOALS/PRIORITIES

       Let me turn now to the future. Our budget justification includes a description of

                                               3
the major initiatives we plan to undertake to support the continuous improvement in

ED’s programs and operations and to identify fraud and abuse. Our initiatives include a

mix of improvement and deterrence activities focusing on systemic improvements, up-

front assistance to ED in designing and improving its information systems, and

identifying significant instances of non-compliance. For today, I would like to focus on

three areas: management operations, the financial statement audits, and information

technology work.

           Reorganization to Intensify Focus on Management Operations

       While we will continue our efforts on the activities mentioned above, I have

decided to increase our attention on Department operations. We spend much of our

Washington-based staff audit resources on the Department’s financial statement audits

and on information technology issues. Jobs involving the Department’s day-to-day

management operations must compete with others, particularly the financial and

information technology work. Internal operations often don’t rise to the top. To help

change that, I am reorganizing the OIG to focus the activities of two new groups on

Department operations. The first group, the Analysis and Inspections Services, is

already operating. One of its major responsibilities will be to conduct quick

management reviews that do not require a traditional audit. An example of this type of

effort is one we just began where, at the Department’s request, we are reviewing

controls over the procurement of goods and certain services. This group will also be

involved in reviewing the Department’s performance in meeting the requirements under

the Government Performance and Results Act.

       The second group, which we are in the process of establishing, will be an internal

audit staff. We will use that staff to audit the Department’s management operations and

                                            4
to analyze problems that require the special expertise that auditors possess. Some

examples of these efforts may be determining over or under payment of interest,

identifying overpayments, following up on issues identified during the financial

statement audits, and determining whether corrective actions from audit

recommendations have actually been implemented.

              Increased Contract Funds for Financial Statement Audit

       The second area that I would like to mention today is the need for contract funds

to supplement my staff. We will need the full contract amount of $1.575 million

requested to complete the mandated financial statement audits, including the separate

audit of SFA’s financial statements. The legislation that created SFA also established a

new requirement for OIG to provide a separate report on SFA’s financial statements.

               Same Level Funding for Contract to Support IT Efforts

       Earlier, I mentioned an example of our information technology (IT) audit work. I

am not seeking additional funds for this work, but I do request that we receive the same

level of funds as FY 2000. Due to the complexity of the issues involved with IT, OIG

requires the assistance of experienced IT systems audit contractors. We anticipate that

our need for contractual support in this area will be ongoing, given the complexity and

speed of systems security developments and our desire to provide quality on-the-job

training for our IT audit staff. Let me briefly summarize our planned information

technology-related activity.

       OIG has designated oversight of systems development as one of its highest

priorities. It is much more efficient and effective to provide audit assistance during

systems development then to identify problems after a system is operational. We will

conduct audits and reviews of the Department’s development of information systems.

                                             5
ED oversees the delivery of approximately $40 billion per year in student financial aid

and a total $120 billion loan portfolio through the use of “legacy” information systems.

These systems are not integrated, do not share a common systems architecture, and do

not provide the timely, accurate and complete data needed to manage the SFA

programs. With the passage of the Clinger-Cohen Act and other legislation, Congress

signaled to Federal agencies the importance of improving the management of Federal

information systems.

      OIG is also planning for audits of the Department’s security for critical information

systems, including assessments of system vulnerability. Information system managers

face the dilemma of balancing the need for security controls with the need for faster

performance. Highly publicized incidents of successful hacking of government systems

raise the awareness of the need for better security over Federal information systems

and data. Security concerns are amplified as agencies provide increasing access to

systems and databases over the Internet.

       We also are participating with 16 federal agencies in a President's Council on

Integrity and Efficiency (PCIE) effort to evaluate compliance with Presidential Decision

Directive (PDD) 63. PDD 63 calls for a national effort to ensure the security of the

interconnected infrastructures of the United States. Our work focuses on the

Department's efforts to comply with the requirements of PDD 63. Additionally, we

have initiated an audit of the Department's disaster recovery planning for its mission-

critical systems.

       Our security reviews will provide an independent assessment on the adequacy of

security controls and the impact of any weaknesses on the IT environment. The reviews



                                             6
will provide risk exposure assessments for both the electronic data processing and

manual portions of the IT control environment.



                                      CONCLUSION

        I would like to close by stating that when I became the Inspector General last

June, I made a commitment to communicate with the Congress. Towards that end, the

OIG has reached out to our Appropriators, Authorizors and Oversight Committees in

both the House and Senate. This effort has focused on several areas of concern:

financial management, Year 2000 challenges, and the management challenges facing

the Department. By working within the Department and with Congress, we can work

toward solutions to long-term problems.

        Mr. Chairman and members of the Committee, this concludes my statement. I

will be happy to respond to any questions that you and the Committee members may

have.




                                             7