oversight

Semi-annual report: Oct-Mar 2015

Published by the Equal Employment Opportunity Commission, Office of Inspector General on 2015-04-30.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

U.S. Equal Employment Opportunity
            Commission

    Office of Inspector General




Semiannual Report to the U.S. Congress

   October 1, 2014–March 31, 2015




           Milton A. Mayo Jr.
           Inspector General
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT




            THIS PAGE INTENTIONALLY LEFT BLANK




                                                                             2
                                                                             Page




          OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT




                        OIG VISION
Effective, efficient and accountable management of Agency
            programs, operations and personnel.


                      OIG MISSION
To detect and prevent waste, fraud, and abuse, and promote
       economy, efficiency, and effectiveness in the
              programs and operations of the
      Equal Employment Opportunity Commission.




                                                                              3
                                                                              Page




           OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT




            THIS PAGE INTENTIONALLY LEFT BLANK




                                                                             4
                                                                             Page




          OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT



CONTENTS
Message from the Inspector General ………………………………………...…6

Executive Summary …………………………………………………………….7

Introduction ……………………………………………………………………..8

The Audit and Evaluation Program ……………………………………………10

Completed Projects
New and Ongoing Audit and Evaluation Projects
Audit Follow-up

The Investigation Program …………………………………………………….25

Investigations
Ongoing Investigative Activity

Other OIG Program Activities ………………………………………….……..26


Appendixes…………………………………………………………………… 27

Appendix I. Final OIG Audit and Evaluation Reports
Appendix II. Index of Reporting Requirements
Appendix III. Single Audit Act Reports




                                                                                        5
                                                                                        Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT




            THIS PAGE INTENTIONALLY LEFT BLANK




                         =MCTOR GENERAL
                                                                             6
                                                                             Page




          OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT



                             Message from the Inspector General

In accordance with the Inspector General Act of 1978, as amended, I herewith submit the
semiannual report for the period October 1, 2014, through March 31, 2015, which summarizes
the major activities of our office for the reporting period. Section 5 of the Inspector General Act
requires the Chair to transmit this report to the appropriate committees or subcommittees of
Congress within 30 days of its receipt.

During this period, the Office of Inspector General (OIG) issued 4 final audit/evaluation reports,
completed 1 investigation, and received 333 investigative inquiries, of which 134 were charge
processing issues, 132 were Title VII complaints, and 30 were investigative allegations.

We remain resolute in our commitment to our mission and the U.S. Equal Employment
Opportunity Commission’s efforts to achieve justice and equality in the workplace.

We would like to take this opportunity to welcome the Honorable Charlotte A. Burrows to the
Commission. We appreciate the support and cooperation of Chair Jenny Yang, the
Commissioners, and the employees of the Commission.

Respectfully,


Milton A. Mayo Jr.
Inspector General
April 30, 2015




                                                                                                      7
                                                                                                      Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT



EXECUTIVE SUMMARY
This semiannual report is issued by the Equal Employment Opportunity Commission’s
(EEOC’s) Office of Inspector General (OIG) pursuant to the Inspector General Act of 1978, as
amended. It summarizes the OIG’s activities and accomplishments for the period October 1,
2014, through March 31, 2015.
During this period, the OIG issued 5 final audit/evaluation reports, completed 1 investigation,
and received 333 investigative inquiries, of which 134 were charge processing issues, 132 were
Title VII complaints, and 30 were investigative allegations.
The OIG’s completed, newly initiated, and ongoing audit, evaluation, and investigative projects
include the following:

       Harper, Rains, Knight & Company, P.A. (HRK), audited the financial statements of
       EEOC for fiscal year (FY) 2014 and issued an unmodified opinion on the FY 2014
       financial statements. In its Report on Internal Control over Financial Reporting, HRK
       noted two areas involving internal control that were considered to be significant
       deficiencies: (1) the lack of sufficient controls over supporting documentation for
       personnel expenses, and (2) a lack of controls over financial management.

       Brown & Company CPAs, PLLC (Brown & Company), conducted and independent
       evaluation of EEOC’s compliance with the provisions of the Federal Information
       Security Management Act of 2002 (FISMA). FISMA requires agencies to develop,
       document, and implement an agency-wide information security program to provide
       security for the information and information systems that support the operations and
       assets of the agency, including those provided or managed by another agency, contractor,
       or other source.

       Agency policy directive EEOC Order 195.001 Management Accountability and Controls
       requires the OIG to annually provide a written advisory to the head of the Agency
       regarding whether the management control evaluation process complied with OMB
       guidelines. The OIG issued its annual report to the Chair on November 14, 2014,
       validating the Agency’s compliance with the Federal Managers’ Financial Integrity Act
       of 1982 (FMFIA).

       Ongoing investigations continue in several field offices involving ethics violations,
       conflicts of interest, fraud, mismanagement, falsification of government records, and
       impersonation of a Federal official, misuse of travel and purchase cards, and theft.
                                                                                                  8
                                                                                                  Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


INTRODUCTION


The Equal Employment Opportunity Commission
The Equal Employment Opportunity Commission (EEOC) is the Federal agency responsible for
enforcement of Title VII of the Civil Rights Act of 1964, as amended; the Equal Pay Act of
1963; the Age Discrimination in Employment Act of 1967; Section 501 of the Rehabilitation Act
of 1973 (in the Federal sector only); Title I of the Americans with Disabilities Act of 1990 and
Americans with Disabilities Act Amendments Act of 2008; the Civil Rights Act of 1991; the
Lilly Ledbetter Fair Pay Act of 2009; and the Genetic Information Nondiscrimination Act of
2008 (P.L. 110-233 Stat 881), also referred to as GINA. These statutes prohibit employment
discrimination based on race, sex, color, religion, national origin, age, disability, or genetic
information.
The EEOC is also responsible for carrying out Executive Order 12067, which promotes
coordination and minimizes conflict and duplication among Federal agencies that administer
statutes or regulations involving employment discrimination.
The EEOC is a bipartisan commission composed of five presidentially appointed members,
including a Chair, a Vice Chair, and three Commissioners. The Chair is responsible for the
administration and implementation of policy and for the financial management and
organizational development of the Commission. The Vice Chair and the Commissioners equally
participate in the development and approval of the policies of the EEOC, issue charges of
discrimination where appropriate, and authorize the filing of lawsuits. Additionally, the President
appoints a General Counsel, who is responsible for conducting litigation under the laws enforced
by the Commission.

The Office of Inspector General
The U.S. Congress established the OIG at the EEOC through the 1988 amendments to the
Inspector General Act of 1978, which expanded the authority of designated Federal entities to
create independent and objective OIGs. Under the direction of the Inspector General (IG), the
OIG meets this statutory responsibility by conducting and supervising audits, evaluations, and
investigations relating to the programs and operations of the Agency; providing leadership and
coordination; and recommending policies for activities designed to promote economy, efficiency,
and effectiveness in the administration of programs and operations.
In October 2008, Congress passed the Inspector General Reform Act of 2008, which generally
buttressed the independence of IGs, increased their resources, and held them more accountable
for their performance. The IG is an independent EEOC official, subject to the general
supervision of the Chair, who provides overall leadership for the OIG. The IG must not be
prevented or prohibited by the Chair or any other EEOC official from initiating, carrying out, or
completing any audit, investigation, evaluation, or other inquiry or from issuing any report.
                                                                                                      9
                                                                                                      Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


The IG provides overall direction, coordination, and leadership to the OIG; is the principal
advisor to the Chair in connection with all audit and investigative matters relating to the
prevention, identification, and elimination of waste in any EEOC program or operation; and
recommends the proper boundaries of audit and investigation jurisdiction between the OIG and
other EEOC organizations. The IG also develops a separate and independent annual budget for
the OIG; responds directly to inquiries from the public, Congress, or the news media; and
prepares press releases, statements, and other information about the OIG’s activities.
The Deputy Inspector General (DIG) serves as the alter ego of the IG and participates fully in
policy development and in management of the diverse audit, investigation, evaluation, and
support operations of the OIG.
The Counsel to the Inspector General (CIG) is the sole legal advisor in the OIG. The CIG
provides day-to-day guidance to the OIG’s investigation team and is the primary liaison with
Agency legal components and the Department of Justice.
In addition to these positions, the OIG staff includes a chief technology officer, an evaluator, two
auditors, two criminal investigators, an administrative specialist, and a confidential support
assistant.
In January 2015, the Administrative Specialist retired from federal service. This brings the
total of vacant positions within the OIG to 3, including the Deputy Inspector General and Staff
Auditor positions. Efforts are underway to fill all OIG vacancies during this fiscal year.
Work currently under way includes the following:

       FY 2015 Audit of the Consolidated EEOC Financial Statements

       Evaluation of Outreach and Education

       Evaluation of Litigation

       Open Government and Transparency Progress Review

       Cooperative Audit Resolution and Oversight Initiative (CAROI)


                                                                                                       10
                                                                                                       Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


                  THE AUDIT AND EVALUATION PROGRAM


                  The Audit and Evaluation Program supports the OIG’s strategic goal of
                  improving the economy, efficiency, and effectiveness of EEOC programs,
                  operations, and activities.




COMPLETED PROJECTS


Audit of the EEOC’s Fiscal Year 2014 Financial Statements (OIG Report No. 2014-01-FIN)
The independent certified public accounting firm of Harper, Rains, Knight & Company, P.A.
(HRK), audited the financial statements of the EEOC for FY 2014. HRK issued an unmodified
opinion on EEOC’s FY 2014 financial statements. In the firm’s Report on Internal Control over
Financial Reporting, HRK noted two areas involving internal control and its operation that were
considered to be significant deficiencies: (1) the lack of sufficient controls over supporting
documentation for personnel expenses, and (2) a lack of sufficient controls over financial
management. In the Report on Compliance with Applicable Laws and Regulations, HRK noted
no instances of noncompliance with laws and regulations applicable to the Agency. The report
was issued by the OIG on November 17, 2014.
Management Letter Report for FY 2014 Financial Statement Audit (OIG Report No. 2014-
02-FIN)
On January 13, 2015, the OIG issued the Management Letter Report for the FY 2014 financial
statement audit prepared by Harper, Rains, Knight & Company, P.A. (HRK). Internal control
weaknesses were identified in the following areas:

       Inaccurate and incomplete property information
       Capital assets policies and procedures need to be updated
       Lack of supporting documentation for charge cards
       Charge card transaction approval
       Nonpayroll expenses
       Noncompliance with OMB Circular A-136
       Zero object class transactions

HRK recommended the following:
                                                                                                  11



       EEOC should monitor and enforce its policies and procedures over sensitive property.
       EEOC should monitor these controls to ensure that the controls remain adequate and
                                                                                                  Page




       continue to operate effectively.



                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


       EEOC should update its policies and procedures to correctly state their current process
       for capital assets.
       EEOC should monitor and enforce its policies and procedures over record retention for
       purchase and travel card transactions. EEOC should monitor these controls to ensure that
       the controls remain adequate and continue to operate effectively. Additionally,
       management should enforce penalties, such as disciplinary action, including restitution to
       the government and/or dismissal.
       EEOC should implement and monitor controls to ensure that approving officials’ review
       and approval is documented for each purchase and travel card transaction. The policy or
       procedure should establish an appropriate period of time for retention of records,
       monitoring by the purchase card program manager, and appropriate disciplinary actions
       for noncompliance.
       EEOC should follow its guidelines for all expense transactions and develop an
       assessment of EEOC’s internal control process in order to proactively manage internal
       controls and get the most from them.
       EEOC should implement procedures to ensure that it has read and implemented all
       Federal guidance issued through the year.
Management agreed with the findings and recommendations. Audit procedures will be
performed in FY 2015 to determine whether EEOC’s corrective action plans adequately address
the recommendations.

Agency Compliance with the Federal Managers’ Financial Integrity Act

Agency policy directive EEOC Order 195.001 Management Accountability and Controls
requires the OIG to annually provide a written advisory to the head of the Agency regarding
whether the management control evaluation process complied with OMB guidelines. The OIG
issued its annual report to the Chair on November 14, 2014, validating the Agency’s compliance
with the Federal Managers’ Financial Integrity Act (FMFIA). To make this determination, the
OIG reviewed the following:

              Assurance statements submitted by headquarters and district office directors
              attesting that their systems of management accountability and control were
              effective and that use of resources under their control was consistent with the
              Agency’s mission and in compliance with the laws and regulations set out in
              FMFIA
              All functional area summary tables and functional area reports submitted by
              headquarters and field offices
              The Office of Research, Information, and Planning’s (ORIP’s) FY 2014 FMFIA
                                                                                                    12



              Assurance Statement and Assurance Statement Letter, with supporting documents
                                                                                                    Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


The OIG concluded that the Agency’s management control evaluation was conducted in
accordance with OMB’s standards and concurred with ORIP’s assertion that the Agency had no
material weaknesses during the reporting cycle.

Report to Congress on Open and Unimplemented Inspector General Recommendations
During this reporting period, the OIG responded to congressional requests for information from
the U.S. Senate Committee on Homeland Security and Governmental Affairs and the U.S. House
of Representatives Committee on Oversight and Government Reform. Both requests related to
the number of EEOC OIG’s open and unimplemented recommendations. In our March 25, 2015,
response to the U.S. Senate Committee on Homeland Security and Governmental Affairs, we
reported a total of 49 open and unimplemented recommendations as of our latest semiannual
report dated September 30, 2014. Management agreed with our recommendations, and there
were no potential cost savings. There were no investigations involving GS-15 level or above
employees involving misconduct not previously reported on, no instances of whistleblower
retaliation, and no budgetary constraints to limit the capabilities of the IG office or instances
where the Agency resisted or objected to oversight activities or delayed access to information.
The OIG will continue to work with Agency management to resolve and close all open and
unimplemented recommendations.
Federal Information Security Management Act of 2002

For FY 2014, the EEOC OIG contracted with Brown & Company CPAs, PLLC (Brown &
Company), to conduct an independent evaluation of EEOC’s compliance with the provisions of
the Federal Information Security Management Act of 2002 (FISMA). FISMA requires agencies
to develop, document, and implement an agencywide information security program to provide
information security for the information and information systems that support the operations and
assets of the agency, including those provided or managed by another agency, contractor, or
other source.
Based on the results of the evaluation, Brown & Company concluded that the agency has made
positive strides in addressing information security weaknesses; however, the agency still faces
challenges to fully implement information security requirements as stipulated in various federal
guidelines and mandates. This report contains 19 FISMA findings with 19 recommendations
concerning issues as follows:

Development of a risk assessment at the organization and mission-business level to include
field offices

  1.    Development of a risk assessment at the organization and mission-business level to
       include field offices
  2.   Updating system-level risk assessment report
                                                                                                    13



  3.   Improvement to Bring Your Own Device (BYOD) program
                                                                                                    Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
 EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


4.   Improvement to privacy notifications on the EEOC official website and alerts when
     visitors are directed to nongovernment websites
5.   Improvement to virtual private network configuration settings for password length
6.   Implementation of encryption to protect digital backup media during transport
7.   Updating policies and procedures to include EEOC’s response time for security alerts
8.   Updating policies and procedures to include file integrity process for detecting
     unauthorized changes to software, firmware, and information
9.   Improvement to monitoring laptops issued to employees for disaster recovery and
     ensuring that patches and updates are installed for operating systems, antivirus
     software, and other security applications
10. Implementation of background checks for student interns to ensure that international
    visas are current
11. Improvement to the security awareness training program to ensure that all personnel in
    field offices who use information systems receive annual training
12. Development of policies and procedures to properly manage physical security access
    cards
13. Implementation of full device encryption or container-based encryption for mobile
    laptops
14. Development of Continuity of Operations Plan for field offices
15. Development of a telecommuting policy that meets FISMA requirements
16. Development of policies and procedures for managing shared group accounts
17. Improvement to account management procedures that includes disabling inactive
    accounts as required
18. Improvement to physical access control to the data center and technology storage room
19. Resolution of high and medium vulnerabilities identified from the internal
    vulnerability assessment


                                                                                             14
                                                                                             Page




                   OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


NEW AND ONGOING AUDIT AND EVALUATION PROJECTS


FY 2015 Audit of the Consolidated EEOC Financial Statements
The EEOC entered into a new agreement, with a multi-year option, to engage an independent
certified public accountant to conduct the FY 2015 financial statement audit. Harper, Rains,
Knight & Co., P.A. (HRK), was selected to perform the audit for FY 2015. The financial
statement audit of the EEOC is required by the Accountability of Tax Dollars Act of 2002. HRK
will be responsible for issuing an audit opinion, which will be included in the Agency’s 2015
Performance and Accountability Report. Additionally, the auditor will issue a management letter
report identifying any internal control weaknesses shortly thereafter. Fieldwork is expected to
begin early third quarter.
Evaluation of Outreach and Education
The objective of this evaluation is to assess the efficiency and effectiveness of EEOC’s Outreach
and Education program. In this reporting period, the contractor (Urban Institute) gathered and
analyzed information and produced a draft report, which was issued for comment on March 19,
2015. The evaluation will determine ways in which the management and conduct of outreach and
education can become more effective and efficient. The evaluation will generally assess outreach
and education efforts, focusing on areas where gains in efficiency and effectiveness may be
obtained.
Key evaluation objectives are listed below in order of probable complexity:
   1. Determine how outreach and education efforts are organized and managed at EEOC.
   2. Determine the financial, human, and other resources used in EEOC’s outreach and
      education efforts. In particular, measure the financial and other resources used for
      education and for outreach efforts, and assess how this information could be useful to
      EEOC and stakeholders.
   3. Determine how EEOC establishes and accomplishes its outreach and education
      objectives, goals, and performance measures.
   4. Determine what EEOC can learn from other organizations regarding management of
      outreach and education.
   5. Determine how EEOC should improve its organization, management, and delivery of
      outreach and education.
The final report will be issued in the third quarter of FY 2015.
                                                                                                    15
                                                                                                    Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


Evaluation of Litigation
The objective of this evaluation, to be performed by a contractor, is to identify key areas of
EEOC’s litigation planning, management, and related activities. The evaluation will summarize
litigation program efforts, recommending areas for further study that could lead to gains in
efficiency and effectiveness for the litigation program.
In this reporting period, OIG gathered background information and held the initial customer
meeting with the General Counsel. OIG briefed the General Counsel on the evaluation and
obtained input for the Statement of Work (e.g., help in determining objectives and potential areas
of focus). In the third quarter of 2015, OIG plans for its acquisition service provider to issue a
Statement of Work and award a contract. The work will be completed by the second quarter
2016.

Open Government and Transparency Progress Review
On December 8, 2009, the OMB issued Memorandum M-10-06, known as the Open Government
Directive (OGD). It requires executive agencies to take specific actions to implement the three
principles of transparency, participation, and collaboration that form the cornerstone of open
government set forth by the President. During the previous reporting period, we indicated that
we would issue a progress report on the EEOC’s Open Government activities. That report will
issue in the fourth quarter of FY 2015.

Cooperative Audit Resolution and Oversight Initiative
In this reporting period, the OIG adopted the Cooperative Audit Resolution and Oversight
Initiative (CAROI) as a permanent method to resolve outstanding audit and evaluation
recommendations. In the next reporting period, the OIG plans to report on our progress in
implementing CAROI on several open recommendations from multiple audits/evaluations that
were completed in 2014.

OIG Technology Infrastructure
The OIG has implemented its own information technology infrastructure to support its Audit,
Investigative, and Administrative information technology requirements. The infrastructure is
cloud based and is hosted by a Federal Risk and Authorization Management Program
(FedRAMP)-approved cloud provider. This is currently in the final stages of beta testing, with
plans to fully migrate to the new infrastructure during the third quarter of fiscal year 2015.

OIG Website

The OIG’s newly designed Web site (oig.eeoc.gov) was launched on March 29, 2015. This site is
a new tool for the OIG that will assist in our ability to provide (1) greater transparency in the
operations of the OIG by enhancing access to audit and evaluation reports and other public
                                                                                                     16



documents; (2) an improved electronic portal for the public to use in reporting fraud, waste, and
abuse; and (3) a medium to implement the use of social media to enhance our ability to reach and
                                                                                                     Page




inform our stakeholders about the OIG’s vision, mission, and operations.



                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


AUDIT FOLLOW-UP
Audit follow-up is an integral part of good management and is a shared responsibility of Agency
management officials and auditors. Corrective action taken by management to resolve findings
and recommendations is essential to improving the effectiveness and efficiency of Agency
operations.
Section 5(a)(1) of the Inspector General Act of 1978, as amended, requires that semiannual
reports include a summary description of significant problems, abuses, and deficiencies relating
to the Agency’s administration of programs and operations disclosed by the OIG during the
reporting period. Four new reports were issued during this reporting period (October 1, 2014–
March 31, 2015); three of those reports contained findings.

                        Reports Issued During This Reporting Period

  Fiscal                                                                                  Date
  Year       Report Number                          Report Title                         Issued

   2015       2014-01-FIN      Audit of the EEOC’s FY 2014 Financial Statements         11/17/14

   2015       2014-02-FIN        FY 2014 Financial Statement Audit Management           01/13/15
                                                     Letter

   2015      2014-08-EOIG      FY 2014 Federal Information Security Management          12/16/14
                                                     Act

   2015       2014-06-AIC           FY 2014 Agency Compliance with FMFIA                11/14/14




As required by Section 5(a)(3) of the Inspector General Act of 1978, as amended, semiannual
reports shall provide an identification of each significant recommendation described in previous
semiannual reports on which corrective action has not been completed. OIG staff met with
Agency follow-up officials in March 2015. The OIG is reporting 12 reviews with a total of 52
open recommendations for this reporting period. The following table shows those
recommendations for which corrective actions have not been completed.
                                                                                                   17
                                                                                                   Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


                  Recommendations Pending Corrective Actions from
                               Previous Reporting Periods

Fiscal                                                                                   Date
Year       Report Number                          Report Title                          Issued
2014        2013-08-PSA              Performance Audit of the Agency’s                  9/4/14
                                        Personnel Security Program


    Identify all headquarters and field offices where classified national security information
    is safeguarded, handled, processed, reproduced, transmitted, transported, or destroyed.
    Identify all EEOC employees with
         o current or prior access to classified national security information;
         o a current adjudicated security clearance and the sponsoring agency, if applicable;
           and
         o special access or interim clearance and the sponsoring agency, if applicable.
    Develop and implement policies and procedures to address the safeguarding, transfer,
    storage, or disposal of classified information. The policy should include the requirements
    for Memorandums of Understanding (MOUs) between agencies.
    Designate a senior agency official to direct and administer the program in accordance
    with Executive Order 13526 and 32 CFR Parts 2001 and 2003. This senior agency
    official/office must be provided the resources and authority to achieve compliance with
    the requirements associated with the Classified National Security Information program.
    Implement a formalized training program for individuals who use classified information
    as a part of their duties. If an external agency is to assume the responsibility of training
    these individuals, this agreement should be documented in an MOU.
    Perform and document an assessment/evaluation of current classified information
    practices and safeguarding at headquarters and field offices to determine any
    noncompliances. Immediate corrective action should be taken to address any
    noncompliances noted.
    Incorporate a review of controls over classified information in EEOC’s annual FMFIA
    process.
    Complete risk designations for the remaining estimated 194 EEOC covered positions.
    Complete and begin any outstanding reinvestigations as required by the CFR.
                                                                                                   18
                                                                                                   Page




                   OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


  Adhere to EEOC policy and Federal requirements pertaining to reinvestigations. EEOC
  should follow their internal policy until further guidance is provided by the Office of
  Personnel Management (OPM).
  Update the policy for the Federal Personnel Payroll System with a timeline and
  implement the revised standard.
  Review all employee Electronic Official Personnel File (e-OPF)s to ensure proper
  inclusion of the employee’s Certificate of Investigation (COI) and, in instances where the
  documentation is missing, insert the COI.
  Report any outstanding EEOC adjudication decisions to the OPM, and going forward
  adhere to the 90-day timeline.
  Develop and implement a procedure to maintain relevant evidence documenting that the
  EEOC has informed OPM of the adjudication decisions it has made.
  Explore and document the decision on using alternative staffing options, such as contract
  employees or part-time employees, or obtaining an employee on detail in order to become
  current on risk designations, reinvestigations, Federal Personnel Payroll System (FPPS),
  COIs, and adjudication reporting.
  Update and implement comprehensive policies and procedures for physical security.
  These policies and procedures should include but not be limited to
     o providing training for the Financial Cloud Solutions (FSC) member or designee at
       each field office location at least annually;
     o developing and implementing a field office on-site security assessment program
       that includes performing assessments and/or spot checks of field office security
       measures by the Office of the Chief Financial Officer (OCFO) on a rotational
       basis as it relates to Interagency Security Committee requirements; and
     o assisting and ensuring field offices correct noted security weaknesses or document
       acceptance of risk where EEOC has determined corrective action will not be
       taken.
  Revise the field office self-assessment checklist to include facility security and
  credentialing information.
  Immediately correct any known weaknesses. If EEOC determines not to correct a noted
  weakness, EEOC should document this analysis and their acceptance of the associated
  risk.
  Increase coordination between OCFO and the Office of Federal Programs (OFP) to
  improve field office security posture, awareness and training to ensure compliance with
  applicable EEOC orders and guides; Facility Security Committees: An ISC Standard,
  dated January 1, 2012, second edition; and other applicable Interagency Security
                                                                                               19



  Committee Standards.
                                                                                               Page




                OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2014          2013-FIN-01              FY 2013 Financial Statement Audit                12/16/13

                                    Open Recommendations:

         EEOC should update and revise the manner in which it controls the maintenance of its
         official personnel files. Additionally, management should perform a thorough review of
         its employees’ personnel files to ensure that documentation is current and complete.
         (Repeat finding from 2012)

Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2014          2013-02-FIN          FY 2013 Financial Statement Management               1/31/14
                                                Letter Report
                                    Open Recommendations:

         EEOC should work toward prompt resolution of these differences as this is an essential
         component of financial data integrity, and its absence compromises the integrity of the
         financial reporting.
         EEOC management should consistently review and approve all documents as prescribed
         by its policies and procedures. Policies and procedures should be reviewed and updated
         to ensure they reflect the most current protocol.
         EEOC should ensure that its property records contain accurate and complete property
         information. A review of property records and property inventory should be conducted
         at least annually, but preferably semiannually.
         EEOC should establish and implement controls to prevent waste, fraud, and misuse in
         the credit card program. On an annual basis, EEOC should review and update the
         Charge Card Program Guide for substantial changes. Additionally, EEOC should
         monitor the controls to ensure that they are working effectively.
                                                                                                   20
                                                                                                   Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2014        2013-05-FISMA            FY 2013 Federal Information Security               12/10/13
                                           Management Act Report
                                    Open Recommendations:

         The OIG recommends that the EEOC Office of Information Technology (OIT) define
         the configuration items (hardware/software inventory) for the information system within
         the Configuration Management Plan. The OIG recommends that OIT should document
         the hardware/software inventory in the Configuration Management Plan or provide a
         direct reference to where the current hardware/software inventory lists are located.
         The OIG recommends that the EEOC Office of the Chief Financial Officer, Central
         Services Division, update EEOC Order 370-002 Security Plan to reflect consideration of
         updated authorities.
         The OIG recommends that the EEOC OIT implement multifactor authentication for
         remote access. The OIG further recommends that the EEOC use multifactor
         authentication where one of the factors is provided by a device separate from the
         computer gaining access. (Repeat finding from 2008)
         The OIG recommends that the OIT ensure all configuration change request forms are
         signed to document review and approval.
         The OIG recommends that the EEOC OIT include an option box or a check box in the
         Change Request forms for emergency changes to ensure the Change Configuration
         Board (CCB) approvers have enough information pertaining to the type of change
         request.
         The OIG recommends that the EEOC Office of Chief Human Capital Officer work with
         EEOC Headquarters’ Administrative Officers and District Directors regarding (1)
         implementing procedures to ensure compliance with EEOC Order 501.006 Clearance
         Procedures and (2) implementing procedures to ensure that all separated/terminated
         EEOC employees complete the EEOC Exit Questionnaire and EEOC Form 470,
         Contractor and Employee Clearance Record.

Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2013         2012-09-REV                      Review of Evaluations                     04/09/13

                                    Open Recommendations:
                                                                                                   21



         EEOC should further standardize intake procedures across field offices.
                                                                                                   Page




         EEOC should document criteria for determining Category C charges.



                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


         EEOC should continue efforts to develop a national approach for addressing and
         eliminating systemic discrimination.
         EEOC should continue to review the range of information obtained during intake
         interviews and review the manner in which the intake information is stored in the
         Integrated Mission System (IMS).
         EEOC should investigate the merits of expanding the information it obtains related to
         employee hiring and terminations.

Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2013          2012-01-FIN          FY 2012 Financial Statement Audit Report             11/16/12

                                    Open Recommendations:

         EEOC should document and monitor implementation of all complementary user control
         considerations. (Repeat finding from 2010)

Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2013        2012-03-FISMA            FY 2012 Federal Information Security               11/14/12
                                           Management Act Report
                                    Open Recommendations:

         EEOC management should revise the Agency’s policy to correctly reflect the entire
         severity rating list published by the U.S. Computer Emergency Readiness Team (US-
         CERT).

Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2013          2012-02-FIN          FY 2012 Financial Statement Management               12/19/12
                                                Letter Report
                                    Open Recommendations:

         EEOC should implement stringent reconciliation and resolution procedures for
         reconciliation of management reports and subledgers to FCS general ledger data.
                                                                                                   22
                                                                                                   Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2013        2012-10-PMEV         Evaluation of EEOC’s Performance Measures              03/21/13

                                     Open Recommendations:

         EEOC should expand the new Strategic Enforcement Plan (SEP) requirement for
         quarterly reviews. EEOC management would likely benefit considerably from the
         implementation of quarterly data-driven reviews such as those required by large Federal
         agencies.
         EEOC should provide its Commissioners and managers with easy access to relevant
         disaggregation of outcome values. Outcome data would be broken out by such
         characteristics as priority level, industry, and key characteristics of charging parties.


Fiscal                                                                                    Date
Year        Report Number                           Report Title                         Issued
2013        2012-08-PURCH          Performance Audit of EEOC Charge Card                03/28/13
                                                 Program
                                     Open Recommendations:

         EEOC should perform further analysis on the government charge card operations to
         identify the controls to be implemented in compliance with OMB directives.
         Specifically, the EEOC must review and update the identification of procedures
         performed using the new accounting system FCS as well as the current duties of
         personnel interacting with the system. The EEOC should meet with all process lead
         personnel to determine what controls are or should be in place to ensure that fraud,
         waste, abuse, and misuse are not present in the charge card program. The EEOC should
         identify all requirements in OMB Circular A-123, Appendix B, and determine the
         procedures necessary to comply with the requirements and ensure that policies and
         procedures are reviewed on an annual basis, or more frequently if substantial changes
         have occurred in EEOC’s systems or laws and regulations have been issued. This will
         help to ensure that policies and procedures are appropriate for the current environment.
         EEOC should develop a system to (1) identify and track all charge card activity,
         including open accounts, closed accounts, cardholder approver levels, and cardholder
         training; (2) perform an evaluation of service providers’ controls over the charge card
         program to ensure that controls are appropriate and operating effectively; and (3)
         monitor all controls, whether performed at EEOC or at a service provider, at least
                                                                                                     23



         annually, to ensure that controls remain adequate and continue to operate effectively.
                                                                                                     Page




         EEOC should develop policies and procedures to identify and track all cardholder-
         required training. Documentation should be maintained following National Archives and


                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


         Records Administration (NARA) requirements for cardholders who have successfully
         completed training requirements.
         EEOC should develop controls over the retention of application documents for charge
         card accounts.
         EEOC should monitor controls over transaction approval, whether performed at EEOC
         or at a service provider.
         EEOC should implement policies and procedures regarding record retention for
         purchase and travel card transactions.
         EEOC should develop and implement policies to require reviews of total cardholder
         activity to ensure compliance with monthly spending authority for all cardholders.
         Documentation of authority to exceed cardholders’ spending limits should be
         maintained by management. Penalties for exceeding authorized spending limits should
         be established and enforced.
         EEOC should develop and implement policies and procedures to use data mining to
         monitor charge card activity.


Fiscal                                                                                   Date
Year        Report Number                          Report Title                         Issued
2008        2008-03-AMR         Oversight of Federal Agency Reporting                  09/26/08
                             Management Directive 715 (MD-715) and Related
                                                Topics
                                   Open Recommendations:

         EEOC should require Federal agencies to submit Part G of their Equal Employment
         Opportunity assessment with their annual EEOC Management Directive MD-715
         submissions.


Fiscal                                                                                   Date
Year        Report Number                          Report Title                         Issued

2008           2007-11-        Performance Audit of the Equal Employment               08/26/08
               RFPERF         Opportunity Commission’s Education, Training,
                               and Technical Assistance Program Revolving
                                                  Fund
                                                                                                  24



                                   Open Recommendations:
                                                                                                  Page




         EEOC should approve the establishment of the EEOC Training Institute Steering



                    OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


        Committee.
        EEOC should update the Revolving Fund Business Plan to reflect the Agency’s
        strategic direction, vision, and goals over the next three to five years.
        EEOC should seek professional assistance to develop a more effective budgeting
        method to project financial information in order to plan training events and monitor
        goals.

As required by Section 5(a)(10) of the Inspector General Act of 1978, as amended, semiannual
reports shall include a summary of each audit report issued before the start of the reporting
period for which no management decision has been made by the end of the reporting period. The
OIG has no audit or evaluation reports that were issued before the reporting period began for
which no management decision has been made.




                                                                                                25
                                                                                                Page




                     OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


        THE INVESTIGATION PROGRAM
        The Investigation Program supports the OIG’s strategic goal to focus limited
        investigative resources on issues that represent the greatest risk and offer the
        maximum opportunity to detect and prevent fraud, waste, and abuse in EEOC
        programs and operations.



                      Investigative Inquires Received
                      October 1, 2014–March 31, 2015

        Allegations                                       Number

        Charge Processing                                       134

        Other Statutes                                           37

        Title VII                                               132

        Mismanagement                                             1

        Ethics Violations                                         8

        Backgrounds                                               7

        Theft                                                     1

        Threats                                                   1

        Fraud                                                     3

        Other Criminal Allegations                                6

        Congressional Inquiries                                   3

        Total                                                   333
                                                                                           26
                                                                                           Page




           OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


INVESTIGATIONS
Fraudulent Settlement Agreement
The OIG investigated an allegation involving an EEOC Settlement Agreement used as a
financial instrument to obtain an advance payment on the settlement amount. The investigation
revealed that the settlement agreement document was fraudulent. The signatures of agency
employees and agency seal had been forged on the document.
Using an OIG subpoena, the investigation revealed the money ($35,000.00) obtained from the
lender was deposited into an account at JPMorgan Chase Bank in Madison, Wisconsin, into an
account under the name of Staff on Demand. Bank records established that the subject of the
investigation was the owner of the account.
Our investigation of the subject revealed a prior history of convictions for state theft charges and
federal tax code violations. Other convictions associated with this individual include mail fraud,
false statements, false claims, and bank fraud. These convictions and others involved the use of
and the creation of numerous fraudulent documents to commit the crimes.
It was determined that the subject of this investigation is currently serving time in a Federal
correction institute for three counts of Fraud with Identification Documents and one count of
Fraudulent Statements in the Application of a Passport. The subject was sentenced and is not
scheduled for release until September 2016.
The OIG referred this matter to the Federal Bureau of Investigation, the Wisconsin Field Office,
located in Milwaukee, Wisconsin.


ONGOING INVESTIGATIVE ACTIVITY
The OIG has ongoing investigations in several field offices involving ethics violations, conflicts
of interest, fraud, mismanagement, falsification of government records, impersonation of a
Federal official, misuse of travel and purchase cards, misuse of computers, misuse of position
and threats against the Agency.


OTHER OIG PROGRAM ACTIVITIES

Peer Review of EEOC OIG Audit Function
The Federal Trade Commission (FTC) OIG conducted a peer review of the system of quality
control for EEOC OIG’s audit function for FY 2014. The modified peer review report, which
was issued on December 8, 2014, noted that the EEOC OIG’s established policies and
procedures for the audit function as of March 31, 2014, were current and consistent with
                                                                                                       27



applicable professional standards as stated, and no recommendations were included.
                                                                                                       Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


APPENDIX I. FINAL OIG AUDIT AND EVALUATION REPORTS

                                                   Questioned       Funds Put    Unsupported
         Report Title             Date Issued                        to Better
                                                     Costs                          Costs
                                                                        Use

   FY 2014 FISMA Report             12/16/14            $0             $0              $0

 Agency Compliance with the
 Federal Managers’ Financial        11/14/14            $0             $0              $0
   Integrity Act (FMFIA)

 FY 2013 Financial Statement        11/17/14            $0             $0              $0
     Audit of the EEOC
     Report on Open and
    Unimplemented OIG               3/25/15             $0             $0              $0
Recommendations to Congress

 FY 2013 Management Letter          1/13/15             $0             $0              $0
          Report

APPENDIX II. INDEX OF REPORTING REQUIREMENTS

Inspector General
                                       Reporting Requirements                           Page
   Act Citation

Section 4(a)(2)     Review of Legislation and Regulations                              N/A

Section 5(a)(1)     Significant Problems, Abuses, and Deficiencies                     10–24

                    Recommendations with Respect to Significant Problems,
Section 5(a)(2)                                                           10–13
                    Abuses, and Deficiencies

                    Significant Recommendations Included in Previous Reports
Section 5(a)(3)                                                              17–24
                    on Which Corrective Action Has Not Been Completed

Section 5(a)(4)     Matters Referred to Prosecutorial Authorities                      N/A

Section 5(a)(5)     Summary of Instances Where Information Was Refused                 N/A

Section 5(a)(6)     List of Audit Reports                                              27
                                                                                               28



Section 5(a)(7)     Summary of Significant Reports                                     10–13
                                                                                               Page




Section 5(a)(8)     Questioned and Unsupported Costs                                   27




                    OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


Section 5(a)(9)    Recommendations That Funds Be Put to Better Use                    27

                   Summary of Audit Reports Issued Before the Commencement
Section 5(a)(10)   of the Reporting Period for Which No Management Decision 16
                   Has Been Made

                   Significant Management Decisions That Were Revised
Section 5(a)(11)                                                      N/A
                   During the Reporting Period

                   Significant Management Decisions with Which the Office of
Section 5(a)(12)                                                             N/A
                   Inspector General Disagreed




                                                                                           29
                                                                                           Page




                   OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
   EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT


APPENDIX III. SINGLE AUDIT ACT REPORTS


The Single Audit Act of 1984 requires recipients of Federal funds to arrange for audits of their
activities. Federal agencies that award these funds must receive annual audit reports to determine
whether prompt and appropriate corrective action has been taken in response to audit findings.
During the reporting period, the OIG received no single audit reports issued by public accounting
firms concerning Fair Employment Practice Agencies (FEPAs) that have work-sharing
agreements with EEOC. Thus, no audit findings for the FEPAs involved EEOC funds.




                                                                                                     30
                                                                                                     Page




                      OIG Semiannual Report to Congress October 1, 2014–March 31, 2015
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT




EEOC-OIG The Hotline

The EEOC Hotline Program was established for Agency employees, other
Government employees, contractors, and the general public to report fraud, waste,
abuse, or wrongdoing by phone, e-mail, or by mail.

What Should you Report

You should report any concern you may have over a situation in which EEOC is
the potential victim of fraudulent acts by employees, contractors, or others. It
includes any violations of laws, rules, regulations, gross mismanagement, gross
waste or misappropriation of funds, and abuses of authority


OIG Hotline Contact Information


                      Call:
                      EEOC-OIG Hotline
                      Toll-free 1-800-849-4230


                     E-Mail:
                     INSPECTOR.GENERAL@EEOC.GOV



                     Write:
                     Equal Employment Opportunity Commission
                     Office of Inspector General
                     PO Box 77067
                     Washington, DC 20013-7067
                                                                                    31
                                                                                    Page




  Identities of Writers, E-mailers, and Callers are always Fully Protected




                OIG Semiannual Report to Congress October 1, 2014–March 31, 2015