U.S. Equal Employment
Opportunity Commission
Office
of
Inspector General
Semiannual Report
to the October 1, 2015–March 31, 2016
U.S. Congress
Milton A. Mayo Jr.
Inspector General
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
THIS PAGE INTENTIONALLY LEFT BLANK
2
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
OIG VISION
Effective, efficient, and accountable management of Agency
programs, operations, and personnel.
OIG MISSION
To detect and prevent waste, fraud, and abuse, and promote
economy, efficiency, and effectiveness in the programs and
operations of the Equal Employment Opportunity Commission.
3
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
CONTENTS
Message from the Inspector General ………………………………………….......6
Executive Summary ……………………………………………………………….7
Introduction ………………………………………………………………………..8
The Audit and Evaluation Program ………………………………………….……11
Completed Projects
New and Ongoing Audit and Evaluation Projects
Audit Follow-up
The Investigation Program …………………………………………………………28
Investigative Inquiries
Completed Investigative Activities
Ongoing Investigative Activities
Appendixes…………………………………………………………………………..30
Appendix I. Final OIG Audit and Evaluation Reports
Appendix II. Index of Reporting Requirements
Appendix III. Single Audit Act Reports
4
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
THIS PAGE INTENTIONALLY LEFT BLANK
5
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Message from the Inspector General
In accordance with the Inspector General Act of 1978, as amended, I herewith submit the
semiannual report for the period October 1, 2015, through March 31, 2016, which summarizes
the major activities of our office for the reporting period. Section 5 of the Inspector General Act
requires the Chair to transmit this report to the appropriate committees or subcommittees of
Congress within 30 days of its receipt.
During this reporting period the OIG commenced its first formal review of the Office of General
Counsel’s (OGC) litigation program in an effort, primarily, to better understand its goals,
operations, and the culture of that office. Additionally, we seek to provide the OGC with data
that may be useful in shaping its strategic and operational planning in the near term. We plan to
report our findings in the third quarter of FY 2016.
We took note of the Agency’s efforts to implement Chair Jenny R. Yang’s vision for improving
organizational accountability through the Agency’s March 2016 three-day Senior Leadership
Summit premised on the OZ Principle. In the words of the 35th President of the United States,
John F. Kennedy: “Leadership and learning are indispensable to each other.” Additionally, we
took note of the Agency’s commitment to better utilize technology to improve organizational
performance as evidenced by the activities of its recently hired Chief Information Officer. While
we plan to evaluate these initiatives in the future, it is our opinion that a continuous sustained
commitment to the goals of improving accountability and its use of technology will likely
improve the Agency’s success in achieving its mission to Stop and Remedy Unlawful
Employment Discrimination.
During this period, the OIG issued 4 final audit/evaluation reports, completed 1 investigation,
and received 246 hotline inquiries, of which 102 were charge processing issues, 73 were Title
VII complaints, and 71 were other investigative allegations.
Among the recommendations emphasized in the audit of the EEOC’s FY 2015 Financial
Statements conducted by the certified public accounting firm of Harper, Rains, Knight &
Company, P.A. (HRK), was the need for improving the Agency’s process for compiling the
annual Performance and Accountability Report (PAR). We echo HRK’s recommendations to
ensure that all OMB submission deadlines are met and to minimize the potential for edits
required close to the final PAR submission deadline.
As always, we appreciate the support and cooperation extended to us by Chair Jenny Yang and
agency staff.
Regards,
Milton A. Mayo Jr
Inspector General
6
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
EXECUTIVE SUMMARY
This semiannual report is issued by the Equal Employment Opportunity Commission’s
(EEOC’s) Office of Inspector General (OIG) pursuant to the Inspector General Act of 1978, as
amended. It summarizes the OIG’s activities and accomplishments for October 1, 2015, through
March 31, 2016.
During this period, the OIG issued 4 final audit/evaluation reports, completed 1 investigation,
and received 246 hotline inquiries, of which 102 were charge processing issues, 73 were Title
VII complaints, and 71 were other investigative allegations.
The OIG’s completed, newly initiated, and ongoing audit, evaluation, and investigative projects
include the following:
The Government Charge Card Abuse Prevention Act of 2012 requires inspectors general
of executive agencies to conduct periodic assessments of audits of purchase card and
travel card programs to identify and analyze the risks of illegal, improper, or erroneous
purchases and payments. Based on our risk assessment, we determined that the risk of
illegal, improper, or erroneous use in the EEOC’s purchase card program is low.
The OIG received a congressional request to review a Commissioner’s charge (a charge
filed by an EEOC Commissioner against a private sector respondent). We will report our
findings in the third quarter of FY 2016.
The OIG received an allegation of someone impersonating a charging party during the
mediation of a charge of discrimination, and wrongfully accepting $5,000 from the
respondent as a settlement in the charge of discrimination. The OIG investigation
established there was no criminal intent by the party involved in the mediation hearing.
The OIG contracted with Brown & Company CPAs, PLLC (Brown & Company), to
conduct an independent evaluation of EEOC’s compliance with the provisions of the
Federal Information Security Modernization Act of 2014 (FISMA). Based on the results
of the evaluation, Brown & Company concluded that the agency has made positive
strides in addressing information security weaknesses, but that it still faces challenges to
fully implementing information security requirements as stipulated in various federal
guidelines and mandates.
7
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
INTRODUCTION
The Equal Employment Opportunity Commission
The Equal Employment Opportunity Commission (EEOC) is the Federal agency responsible for
enforcement of Title VII of the Civil Rights Act of 1964, as amended; the Equal Pay Act of
1963; the Age Discrimination in Employment Act of 1967; Sections 501 and 505 of the
Rehabilitation Act of 1973 (in the Federal sector only); Title I of the Americans with Disabilities
Act of 1990 and the Americans with Disabilities Act Amendments Act of 2008; Sections 102
and 103 of the Civil Rights Act of 1991; the Lilly Ledbetter Fair Pay Act of 2009; and the
Genetic Information Nondiscrimination Act of 2008 (P.L. 110-233 Stat. 881), also referred to as
GINA. These statutes prohibit employment discrimination based on race, sex, color, religion,
national origin, age, disability, or genetic information.
EEOC is also responsible for carrying out Executive Order 12067, which promotes coordination
and minimizes conflict and duplication among Federal agencies that administer statutes or
regulations involving employment discrimination.
EEOC is a bipartisan commission composed of five presidentially appointed members, including
a Chair, a Vice Chair, and three Commissioners. The Chair is responsible for the administration
and implementation of policy and for the Commission’s financial management and
organizational development. The Vice Chair and the Commissioners equally participate in
developing and approving EEOC policies, issuing charges of discrimination where appropriate,
and authorizing the filing of lawsuits. In addition, the President appoints a General Counsel, who
is responsible for conducting litigation under the laws enforced by the Commission.
An Accountability Driven Culture
During the reporting period, senior Agency leaders took significant steps toward achieving an
effective, efficient, and accountable environment. Accountability was the focus of a three-day
Senior Leadership Summit in March 2016 and the impetus of Chair Yang’s Agency-wide
initiative to create a culture of accountability. The overarching goal of the summit was to begin
to align the Agency’s leadership team around a culture of accountability. Partners in Leadership
facilitated the meeting, which laid out the foundation for developing a culture of accountability
across the Agency using the OZ Principle outlined in The OZ Principle, by Roger Connors, Tom
Smith, and Craig Hickman, which presents a straightforward approach to attaining individual and
organizational accountability.
The training focused on steps to accountability that employees at all levels can utilize in their
work every day. Agency leaders learned strategies for staying “above the line,” where the focus
is on reality, ownership, commitment, solutions to problems, and determined action, and also
learned how to avoid languishing “below the line,” where people employ a variety of tactics to
sidestep accountability. Leaders were tasked with committing to developing accountability plans
for themselves and their organizations. The culture-of-accountability initiative will be introduced
to the Agency workforce early in the third quarter.
8
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Additionally, the Office of the Chief Human Capital Officer (OCHCO) made significant strides
in addressing strategic human capital management challenges previously identified by OIG and
the Office of Personnel Management in connection with the Agency’s succession planning
efforts and leadership development.
Technology and Innovation
During the semiannual reporting period, the Agency hired a new chief information officer (CIO),
Mr. Bryan Burnett. He was previously the CIO at the National Labor Relations Board.
Upon joining the EEOC, Mr. Burnett found an Agency committed to implementing digital case
processing from intake to resolution. Efforts were underway to transform the way the EEOC
serves the public by making its charge, complaint, and appeal processes transparent and
providing information to its constituents online and on demand.
During his short time with the EEOC, the new CIO has moved quickly and innovatively to
modernize Agency resources intended to increase the likelihood of success of these new and
evolving critical digital case processing initiatives. His actions include, in part:
Procuring and deploying newer enabling tools such as Office 365, Microsoft
Exchange Online, and Outlook to replace outmoded systems that the Agency
currently supports as part of its infrastructure
Procuring new digital-capable devices to replace eight-year-old laptops and further
enhance digital workflows
Planning for the deployment of enterprise wireless throughout the Agency to allow
for greater worker mobility
The CIO’s efforts in soliciting input from the EEOC stakeholders and implementing industry
best practices should position the EEOC to better capitalize on the highest and best use of 21st
century digital services.
While the OIG has not conducted any formal assessments to evaluate this technological
innovation, it is our opinion that the EEOC appears to be on the path toward addressing the
critical information technology needs and issues that have been repeatedly raised by customers,
internal stakeholders (employees), external stakeholders (the public), and the Congress.
9
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
The Office of Inspector General
The U.S. Congress established the Office of Inspector General (OIG) at EEOC through the 1988
amendments to the Inspector General Act of 1978; these amendments expanded the authority of
designated Federal entities to create independent and objective OIGs. Under the direction of the
Inspector General (IG), the OIG meets this statutory responsibility by conducting and
supervising audits, evaluations, and investigations relating to Agency programs and operations;
providing leadership and coordination; and recommending policies for activities designed to
promote economy, efficiency, and effectiveness in administering programs and operations.
In October 2008, Congress passed the Inspector General Reform Act of 2008, which generally
buttressed the independence of IGs, increased their resources, and held them more accountable
for their performance. The OIG is under the supervision of the IG, an independent EEOC official
subject to the general supervision of the Chair. The IG must not be prevented or prohibited by
the Chair or any other EEOC official from initiating, carrying out, or completing any audit,
investigation, evaluation, or other inquiry, or from issuing any report.
The IG provides overall direction, coordination, and leadership to the OIG; is the principal
advisor to the Chair in connection with all audit and investigative matters relating to the
prevention, identification, and elimination of waste in any EEOC program or operation; and
recommends the proper boundaries of audit and investigation jurisdiction between the OIG and
other EEOC organizations. The IG also develops a separate and independent annual budget for
the OIG; responds directly to inquiries from the public, Congress, or the news media; and
prepares press releases, statements, and other information about the OIG’s activities.
The Deputy Inspector General serves as the IG’s alter ego and participates fully in policy
development and in management of the OIG’s diverse audit, investigation, evaluation, and
support operations.
The Counsel to the Inspector General is the sole legal advisor in the OIG, providing day-to-day
guidance to the OIG’s investigation team, and is the primary liaison with Agency legal
components and the Department of Justice.
In addition to these positions, the OIG staff includes a chief technology officer, an evaluator, two
auditors, two criminal investigators, an administrative specialist, and a confidential support
assistant.
10
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
THE AUDIT AND EVALUATION PROGRAM
The Audit and Evaluation Program supports the OIG’s strategic goal of
improving the economy, efficiency, and effectiveness of EEOC programs,
operations, and activities.
COMPLETED PROJECTS
Independent Evaluation: FY 2015 Federal Information Security Modernization Act
For fiscal year (FY) 2015, the U.S. Equal Employment Opportunity Commission (EEOC) Office
of Inspector General (OIG) contracted with Brown & Company CPAs, PLLC (Brown &
Company), to conduct an independent evaluation of EEOC’s compliance with the provisions of
the Federal Information Security Modernization Act of 2014 (FISMA). FISMA requires agencies
to develop, document, and implement an agency-wide information security program to provide
security for the information and information systems that support the operations and assets of the
agency, including those provided or managed by another agency, contractor, or other source.
Based on the results of the evaluation, Brown & Company concluded that the agency has made
positive strides in addressing information security weaknesses, but that it still faces challenges to
fully implementing information security requirements as stipulated in various federal guidelines
and mandates.
This report contains seven FISMA findings and seven corresponding recommendations. The
findings are as follows:
1. EEOC has no organization-wide information security program that documents and enforces
implementation of common and hybrid controls among all EEOC information technology (IT)
assets.
2. EEOC has not developed an organization-wide risk management strategy and processes.
3. EEOC should strengthen its work sharing agreement with Fair Employment Practices
Agencies (FEPAs) to include a statement that requires FEPAs to implement information security
controls to ensure that data and access to data are secured.
4. EEOC should prepare special security controls for its district, field, and area offices to ensure
that information systems and information located at these offices are protected.
5. EEOC did not fully implement multifactor authentication to allow remote access to EEOC
systems.
6. The enterprise-wide IT continuity/disaster recovery program that is established and
operational at EEOC headquarters is not implemented and enforced at the EEOC field offices.
11
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
7. EEOC configuration management policy and procedures are not currently supported by
automated tools and procedures to accurately and completely detect, identify, and account for
changes to the information system component inventory.
Audit of the EEOC’s FY 2015 Financial Statements (OIG Report No. 2015-01-FIN)
The independent certified public accounting firm of Harper, Rains, Knight & Company, P.A.
(HRK), audited the financial statements of the EEOC for FY 2015 and issued an unmodified
opinion. HRK reported that EEOC’s fiscal year 2015 financial statements and notes were fairly
presented, in all material respects, in accordance with accounting principles generally accepted in
the United States of America. With regard to internal control over financial reporting, HRK
noted one (1) material weakness relating to the lack of sufficient controls over financial
management. Additionally, the lack of sufficient controls over supporting documentation for
personnel expenses was identified as a significant deficiency. HRK noted no instances of
noncompliance or other matters that were required to be reported under Government Auditing
Standards or the Office of Management and Budget (OMB) Bulletin 15-02. The report was
issued by OIG on November 16, 2015.
Management Letter Report for FY 2015 Financial Statement Audit (OIG Report
No. 2015-02-FIN)
The management letter report issued by HRK in connection with the FY 2015 financial statement
audit provides additional information about the material weakness and significant deficiency
contained in the financial statement audit report dated November 16, 2015, as well as other
identified control weaknesses. The management letter report identifies internal control
deficiencies in the following areas:
Appendix A. Material Weaknesses
Existence of expense items
Potential of noncompliance with Anti-Deficiency Act
Potential of noncompliance with Prompt Payment Act
Ineffective internal control
Missing prepared-by-client documentation
Appendix B. Significant Deficiency
Lack of sufficient controls over supporting documentation for personnel expenses
Appendix C. Control Deficiencies
Budget object class misclassifications
Internal controls over financial reporting and noncompliance with OMB Circular A-136
12
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
HRK made the following recommendations:
EEOC maintain all documentation associated with its transactions. EEOC should review
the retention procedures of its new service provider, and develop and document retention
procedures over each type of transaction entered into its financial system.
EEOC perform all assessments over their internal controls surrounding retention and
accuracy of obligating supporting documentation in order to ensure compliance with the
Anti-Deficiency Act.
EEOC perform an assessment over their internal controls surrounding payment support
retention and the payment of interest on late payments in order to comply with the
Prompt Payment Act.
Developing an assessment of EEOC’s internal control process in order to proactively
manage and update internal controls. This should minimally consist of EEOC
documenting what controls are performed by their shared service provider and what
controls are performed at EEOC to ensure management has a clear understanding of their
responsibilities.
EEOC update its controls over the maintenance of its accounting records to ensuring that
all documentation, whether held by EEOC or its shared service providers, is readily
available. EEOC should coordinate with its service providers to identify the type of
documentation that is available for each financial transaction, where that information is
located, and how long the data is available for review. This information should be clearly
documented in EEOC’s policies and procedures. Additionally, management should
perform a thorough review of its files to ensure that documentation exists, is accurate,
and is available for review.
EEOC update its controls over the maintenance of its official personnel files. The
controls currently in place are not capturing all changes to employee personnel files.
EEOC should initiate new procedures to sample and review employee personnel files at
least semi-annually to ensure that current documentation is included in the files.
The EEOC office accountable for compiling the Performance and Accountability Report
(PAR) create and enforce internal deliverable milestones to ensure tall OMB submission
deadlines are met. These internal deliverable milestones should extend to all EEOC
offices and require these offices to provide their content to EEOC’s accountable office
prior to the established milestones. Additionally, EEOC’s Office of the Chief Financial
Officer (OCFO) should thoroughly review the final draft of the PAR prior to the
submission to OMB and the auditors in order to minimize edits required close to the
PARs final submission deadline. This review should include a review of the financial
statements against various federal reporting guidelines and checklists, such as the 2020
checklist for federal reporting and disclosures found in the Government Accountability
Office’s Financial Audit Manual.
EEOC should develop a more effective internal control process over financial reporting.
This should minimally consist of EEOC documenting what controls are performed by the
various departments and contractors utilized in the preparation of the PAR, a timeline of
due dates for each department and contractor, and identification of overall responsibility
of the completed PAR.
13
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
EEOC strongly consider converting their annual reporting from a PAR to an Agency
Financial Report (AFR). This move would separate the financial reporting from the
program reporting and potentially alleviate the identified issues above.
FY 2016 audit procedures will determine whether the corrective actions have been implemented
and are operating effectively. The report was issued by the OIG on January 15, 2016.
Report to OMB on Agency Progress in Implementing the Government Charge Card
Abuse Prevention Act of 2012
In accordance with the audit and reporting requirements of the Government Charge Card Abuse
Prevention Act of 2012 (Charge Card Act), EEOC provided a status report on open purchase and
travel card audit recommendations to the OMB. To date, 8 of the 10 recommendations contained
in our March 26, 2013, report (OIG Report No. 2012-08-PURCH) remain open. These
recommendations are aimed at strengthening the Agency’s internal controls over the charge card
program. In response to these recommendations, the Agency’s Chief Financial Officer concurred
with the recommendations and provided a corrective action plan. We intend to conduct
additional testing during our FY 2016 financial statement audit and will continue to work with
our Agency’s audit follow-up official to address these remaining open recommendations. The
report was issued on February 5, 2016.
FY 2015 Risk Assessment of the EEOC’s Purchase Card Program
The Charge Card Act requires inspectors general of executive agencies to conduct periodic
assessments of audits of purchase card and travel card programs to identify and analyze the risks
of illegal, improper, or erroneous purchases and payments. OMB Memorandum M-13-21,
Implementation of the Government Charge Card Abuse Prevention Act of 2012, requires
inspectors general to conduct annual risk assessments. Based on our risk assessment, we
determined that the risk of illegal, improper, or erroneous use in the EEOC’s purchase card
program is low. As a result, we will not include an audit of the purchase card program in OIG’s
2016 annual audit plan. We issued the report to the Chair on February 4, 2016.
Agency Compliance with the Federal Managers’ Financial Integrity Act (OIG
Report No. 2015-01-FMFIA)
Agency policy directive EEOC Order 195.001 Management Accountability and Controls
requires the OIG to annually provide a written advisory to the head of the Agency regarding
whether the management control evaluation process complied with OMB guidelines. The OIG
issued its annual report to the Chair on November 13, 2015, validating the Agency’s compliance
with the Federal Managers’ Financial Integrity Act (FMFIA). To make this determination, the
OIG reviewed the following:
Assurance statements submitted by headquarters and district office directors attesting
that their systems of management accountability and control were effective and that use
of resources under their control was consistent with the Agency’s mission and in
compliance with the laws and regulations set out in FMFIA
14
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
All functional area summary tables and functional area reports submitted by headquarters
and field offices
The FY 2015 FMFIA Assurance Statement and Assurance Statement Letter, with
supporting documents, from the Office of Research, Information, and Planning (ORIP)
The OIG concluded that the Agency’s management control evaluation was conducted in
accordance with OMB’s standards and concurred with ORIP’s assertion that the Agency had one
material weakness during the reporting cycle.
NEW AND ONGOING AUDIT AND EVALUATION PROJECTS
FY 2016 Audit of the Consolidated EEOC Financial Statements
The OIG exercised the first option year of its contract with the public accounting firm of Harper,
Rains, Knight & Co., P.A. (HRK), to perform the 2016 financial statement audit of the EEOC,
which is required by the Accountability of Tax Dollars Act of 2002. To ensure that the OIG
meets its mandated reporting deadline requirements, fieldwork is underway and the audit opinion
will be included in the Agency’s 2016 Performance and Accountability Report. Shortly
thereafter, the auditor will issue a management letter report identifying any internal control
weaknesses.
Peer Review of the International Trade Commission
The EEOC OIG audit staff is conducting a Council of Inspectors General on Integrity and
Efficiency external peer review of the audit operations of the International Trade Commission
(ITC). The objectives of the external peer review are to determine whether, for the period under
review, the ITC Office of Inspector General’s system of audit quality control was suitably
designed, and whether the organization is complying with its system of quality control in order to
provide it with reasonable assurance of conforming with applicable professional standards in all
material respects. Fieldwork is expected to be completed early in the third quarter, after which a
system review report will be issued to the ITC OIG.
Improper Payments Reporting for FY 2015
The OIG has requested information from EEOC management to assist in identifying and
reporting erroneous or improper payments relating to FY 2015. The Improper Payment
Information Act (IPIA) of 2002, as amended by the Improper Payments Elimination and
Recovery Improvement Act of 2012 (IPERIA) and the Improper Payments Elimination and
Recovery Act of 2010 (IPERA), requires agencies to estimate and report on improper payments,
and agency actions to reduce them, to the President and Congress. This year, IPERIA requires
the OIG to determine and report, by May 15, 2016, whether the Agency is in compliance with
IPIA.
15
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Evaluation of Litigation
The OIG contracted with the Urban Institute to conduct an evaluation that assesses the Agency’s
litigation program. The Urban Institute is assessing the Agency’s litigation efforts, focusing on
areas where gains in efficiency and effectiveness may be obtained. The draft and final reports
will be completed in the third quarter of FY 2016.
Congressional Request
In December 2015, we received a formal written request from a Congressional delegation to
review the EEOC’s use of a Commissioner’s charge in manner the delegation believes to be a
questionable enforcement tactic. The OIG is conducting a limited program review of
Commissioner charges and will report its findings to the delegation in the third quarter of FY
2016.
AUDIT FOLLOW-UP
Audit follow-up is an integral part of good management and is a shared responsibility of Agency
management officials and auditors. Corrective action taken by management to resolve findings
and recommendations is essential to improving the effectiveness and efficiency of Agency
operations.
Section 5(a)(1) of the Inspector General Act of 1978, as amended, requires that semiannual
reports include a summary description of significant problems, abuses, and deficiencies relating
to the Agency’s administration of programs and operations disclosed by the OIG during the
reporting period. Six new reports were issued during this reporting period (October 1, 2015–
March 31, 2016); three of those reports contained findings.
Reports Issued During This Reporting Period
Fiscal Year Report Number Report Title Date Issued
2016 2015-01-FMFIA FY 2015 Agency 11/13/15
Compliance with Federal
Managers’ Financial
Integrity Act
2016 2015-01-FIN Audit of the EEOC’s FY 11/16/15
2015 Financial Statements
2016 2015-03-EOIG FY 2015 Federal 12/16/15
Information Security
Modernization Act Report
2016 2015-02-FIN FY 2015 Financial 1/15/16
Statement Audit
Management Letter
16
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
2016 Fiscal Year 2015 Risk 2/4/16
Assessment of EEOC’s
Purchase Card Program
2016 Report to OMB on Agency 2/5/16
Progress in Implementing
the Government Charge
Card Abuse Prevention Act
of 2012
As required by Section 5(a)(3) of the Inspector General Act of 1978, as amended, semiannual
reports shall provide an identification of each significant recommendation described in previous
semiannual reports on which corrective action has not been completed. OIG staff met with
Agency follow-up officials in March 2016. The OIG is reporting a total of 15 reviews with a
total of 89 open recommendations for this reporting period. The following table shows those
recommendations for which corrective actions have not been completed.
Recommendations for Which Corrective Actions Have Not Been Completed
Fiscal
Year Report Number Report Title Date Issued
2015 2014-03-OE Evaluation of EEOC’s Outreach and 5/8/15
Education Program
EEOC should consider a more centralized operation for outreach and education.
EEOC should consider ways to alleviate the administrative workload of program
analysts.
EEOC should rely on the strengths of the Fair Employment Practices Agencies (FEPAs)
in their outreach and education efforts.
EEOC should also consider an initiative that would provide regular opportunities to
evoke news stories, also known as “earned media” opportunities that would support its
outreach goals.
EEOC’s website needs to be updated when important events occur, perhaps in
accordance with guidelines that EEOC’s Office of Communication and Legislative
Affairs sets for itself.
17
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
EEOC needs some process for obtaining feedback about what key constituents think
regarding its outreach and education effort. A brand evaluation is one way to solicit and
act on systematic feedback.
EEOC should consider creating a “clearinghouse” for outreach and education materials.
EEOC should provide analytical help to each district office to examine charge data
related to its own geographic area in order to identify potential trends, opportunities, and
priorities.
The Office of Field Programs (OFP) and Office of Federal Operations should survey (by
mail or electronically) all or samples of former participants to assess the extent to which
participants found the information provided to be useful—if so, in what way, and if not,
why not.
EEOC should regularly, perhaps quarterly, review website analytics.
EEOC and its district and field offices should routinely conduct follow-up through
surveys with partners, perhaps three months after events.
As suggested by FEPA officials, district and field offices should consider asking
complainants to identify how they heard about the agency and who recommended the
agency to them.
EEOC should provide resources for the regular analysis of OFP charges to provide
evidence of outreach and education success—both for district and field offices and
nationally.
EEOC should change the position title of “program analyst” (only for those doing
outreach and education) to something like “outreach and education coordinator.”
Fiscal
Year Report Number Report Title Date Issued
2015 2014-01-FIN FY 2014 Financial Statement Audit 11/17/14
EEOC should update its controls over the maintenance of its official personnel files.
Additionally, management should perform a thorough review of its employees’ personnel
files to ensure that documentation is current and complete.
EEOC should implement procedures to ensure that it has a complete understanding of its
service providers’ policies and procedures.
18
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Fiscal
Year Report Number Report Title Date Issued
2015 2014-02-FIN FY 2014 Financial Statement Audit 1/13/15
Management Letter Report
EEOC should monitor and enforce its policies and procedures over sensitive property.
EEOC should monitor these controls to ensure that the controls remain adequate and
continue to operate effectively.
EEOC should update its policies and procedures to correctly state its current process.
EEOC should monitor and enforce its policies and procedures over record retention for
purchase and travel card transactions. EEOC should monitor these controls to ensure that
the controls remain adequate and continue to operate effectively. Additionally,
management should enforce penalties, such as disciplinary action, including restitution to
the government and/or dismissal.
EEOC should implement and monitor controls to ensure approving officials’ review and
approval is documented for each purchase and travel card transaction. The policy or
procedure should establish an appropriate period of time for retention of records,
monitoring by the purchase card program manager, and appropriate disciplinary actions
for noncompliance.
EEOC should follow its guidelines for all expense transactions. We also recommend
developing an assessment of EEOC’s internal control process in order to proactively
manage internal controls and get the most from them.
EEOC should implement procedures to ensure that it has read and implemented all
Federal guidance issued through the year.
EEOC should work with its service provider to implement internal controls that will
catch all transactions with a zero object class. A monthly review of expense transactions
will identify those with a zero object class.
Fiscal
Year Report Number Report Title Date Issued
2015 2014-08-EOIG FY 2014 Federal Information Security 12/16/14
Management Act Report
Development of a risk assessment at the organization and mission/business level, to
include field offices
19
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Update to system-level risk assessment report
Improvement to Bring Your Own Device program
Improvement to privacy notifications on the EEOC official website and alerts when
visitors are directed to nongovernment websites
Improvement to virtual private network configuration settings for password length
Implementation of encryption to protect digital backup media during transport
Update to policies and procedures to include EEOC’s response time for security alerts
Update to policies and procedures to include a file integrity process for detecting
unauthorized changes to software, firmware, and information
Improved monitoring of laptops issued to employees for disaster recovery through
ensuring that patches and updates are installed for operating systems, antivirus software,
and other security applications
Implementation of background checks for student interns to ensure that international
visas are current
Improvement to the security awareness training program to ensure that all personnel in
field offices that use information systems receive annual training
Development of policies and procedures to properly manage physical security access
cards
Implementation of full device encryption or container-based encryption for mobile
laptops
Development of Continuity of Operations plans for field offices
Development of a telecommuting policy that meets the requirements of the Federal
Information Security Management Act of 2002
Development of policies and procedures for managing shared group accounts
Improvement to account management procedures, including disabling inactive accounts
as required
Improved control over physical access to the data center and technology storage room
20
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Resolution of high and medium vulnerabilities identified in the internal vulnerability
assessment
Fiscal
Year Report Number Report Title Date Issued
2014 2013-08-PSA Performance Audit of the Agency’s 9/4/14
Personnel Security Program
Identify all headquarters and field offices where classified national security information
is safeguarded, handled, processed, reproduced, transmitted, transported, or destroyed
Identify all EEOC employees with
o current or prior access to classified national security information;
o a current adjudicated security clearance and the sponsoring agency, if applicable;
and
o special access or interim clearance and the sponsoring agency, if applicable
Develop and implement policies and procedures to address the safeguarding, transfer,
storage, or disposal of classified information. The policy should include the requirements
for memorandums of understanding (MOUs) between agencies.
Implement a formalized training program for individuals who use classified information
as a part of their duties. If an external agency is to assume the responsibility of training
these individuals, this agreement should be documented in an MOU.
Perform and document an assessment/evaluation of current classified information
practices and safeguarding at headquarters and field offices to determine any
noncompliance. Take immediate corrective action to address any noncompliance noted.
Incorporate a review of controls over classified information in EEOC’s annual FMFIA
process
Complete risk designations for the remaining estimated 194 EEOC covered positions
Complete and begin any outstanding reinvestigations as required by the Code of Federal
Regulation
21
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Adhere to EEOC policy and federal requirements pertaining to reinvestigations. EEOC
should follow its internal policy until further guidance is provided by the Office of
Personnel Management (OPM).
Update the policy for the Federal Personnel/Payroll System (FPPS) with a timeline, and
implement the revised standard.
Review all employee electronic official personnel folders to ensure proper inclusion of
the employee’s conflict of interest (COI) disclosure, and in instances where the
documentation is missing, insert it
Report any outstanding EEOC adjudication decisions to OPM and, going forward, adhere
to the 90-day timeline
Develop and implement a procedure to maintain relevant evidence documenting that the
EEOC has informed OPM of the adjudication decisions it has made
Explore using alternative staffing options, such as contract employees, part-time
employees, or employees on detail in order to become current on risk designations,
reinvestigations, the FPPS, COIs, and adjudication reporting. Document the process of
deciding what type of employees to use for this work.
Update and implement comprehensive policies and procedures for physical security.
These policies and procedures should include but not be limited to the following:
o Providing training for the Federal Supply Class member or designee at each field
office location at least annually
o Developing and implementing an on-site field office security assessment program
that includes performing assessments and/or spot checks of field office security
measures by the OCFO on a rotational basis as it relates to Interagency Security
Committee requirements
o Assisting field offices and ensuring that they correct noted security weaknesses or
document acceptance of risk where EEOC has determined corrective action will
not be taken
Revise the field office self-assessment checklist to include facility security and
credentialing information
Immediately correct any known weaknesses. If EEOC decides not to correct a noted
weakness, it should document this analysis and its acceptance of the associated risk.
Increase coordination between OCFO and OFP to improve field office security posture,
awareness, and training to ensure compliance with applicable EEOC orders and guides;
22
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
with Facility Security Committees: An Interagency Security Committee (ISC) Standard,
second edition, dated January 1, 2012; and with other applicable ISC standards.
Fiscal
Year Report Number Report Title Date Issued
2014 2013-FIN-01 FY 2013 Financial Statement Audit 12/16/13
Open Recommendations:
EEOC should update and revise the manner in which it controls the maintenance of its official
personnel files. Additionally, management should perform a thorough review of its
employees’ personnel files to ensure that documentation is current and complete. (Repeat
finding from 2012)
Fiscal
Year Report Number Report Title Date Issued
2014 2013-02-FIN FY 2013 Financial Statement Management 1/31/14
Letter Report
Open Recommendations:
EEOC should work toward prompt resolution of these differences because this is an essential
component of financial data integrity, and its absence compromises the integrity of the
financial reporting.
EEOC management should consistently review and approve all documents as prescribed by
its policies and procedures. Policies and procedures should be reviewed and updated to ensure
they reflect the most current protocol.
EEOC should ensure that its property records contain accurate and complete property
information. A review of property records and property inventory should be conducted at least
annually, but preferably semiannually.
EEOC should establish and implement controls to prevent waste, fraud, and misuse in the
credit card program. On an annual basis, EEOC should review and update the Charge Card
Program Guide for substantial changes. Additionally, EEOC should monitor the controls to
ensure that they are working effectively.
Fiscal
Year Report Number Report Title Date Issued
2014 2013-05- FY 2013 Federal Information Security 12/10/13
FISMA Management Act Report
Open Recommendations:
23
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
The OIG recommends that the EEOC Office of Information Technology (OIT) define the
configuration items (hardware/software inventory) for the information system within the
configuration management plan. The OIG recommends that the OIT document the
hardware/software inventory in the configuration management plan or provide a direct
reference to where the current hardware/software inventory lists are located.
The OIG recommends that the EEOC OIT implement multifactor authentication for remote
access. The OIG further recommends that the multifactor authentication use one factor
provided by a device separate from the computer gaining access. (Repeat finding from 2008)
The OIG recommends that the OIT ensure that all configuration change request forms are
signed in order to document review and approval.
The OIG recommends that the EEOC OIT include in its change request forms an option box
or check box to indicate an emergency change, so that the Change Configuration Board
approvers have enough information pertaining to the type of change request.
The OIG recommends that the EEOC Office of Chief Human Capital Officer work with
EEOC headquarters’ administrative officers and district directors regarding (1) implementing
procedures to ensure compliance with EEOC Order 501.006 Clearance Procedures, and (2)
implementing procedures to ensure that all separated/terminated EEOC employees complete
the exit questionnaire and EEOC Form 470, Contractor and Employee Clearance Record.
Fiscal
Year Report Number Report Title Date Issued
2013 2012-09-REV Review of Evaluations 04/09/2013
Open Recommendations:
EEOC should further standardize intake procedures across field offices.
EEOC should document criteria for determining Category C charges.
EEOC should continue efforts to develop a national approach for addressing and eliminating
systemic discrimination.
EEOC should continue to review the range of information obtained during intake interviews
and review the manner in which the intake information is stored in the Integrated Mission
System.
EEOC should investigate the merits of expanding the information it obtains related to
employee hiring and terminations.
24
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Fiscal
Year Report Number Report Title Date Issued
2013 2012-01-FIN FY 2012 Financial Statement Audit Report 11/16/2012
Open Recommendations:
EEOC should document and monitor implementation of all complementary user control
considerations. (Repeat finding from 2010)
Fiscal
Year Report Number Report Title Date Issued
2013 2012-03- FY 2012 Federal Information Security 11/14/2012
FISMA Management Act Report
Open Recommendations:
EEOC management should revise the Agency’s policy to correctly reflect the entire severity
rating list published by the United States Computer Emergency Readiness Team (US-CERT).
Fiscal
Year Report Number Report Title Date Issued
2013 2012-02-FIN FY 2012 Financial Statement Management 12/19/2012
Letter Report
Open Recommendations:
EEOC should implement stringent reconciliation and resolution procedures for reconciliation
of management reports and subledgers to Financial Control System (FCS) general ledger data.
Fiscal
Year Report Number Report Title Date Issued
2013 2012-10-PMEV Evaluation of EEOC’s Performance 03/21/2013
Measures
Open Recommendations:
EEOC should expand the new Strategic Enforcement Plan requirement for quarterly reviews.
EEOC management would likely benefit considerably from the implementation of quarterly
data-driven reviews such as those required by large Federal agencies.
EEOC should provide its Commissioners and managers with easy access to relevant
disaggregation of outcome values. Outcome data should be broken out by such characteristics
as priority level, industry, and key characteristics of charging parties.
25
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
Fiscal
Year Report Number Report Title Date Issued
2013 2012-08- Performance Audit of EEOC Charge Card 03/28/2013
PURCH Program
Open Recommendations:
EEOC should perform further analysis on its government charge card operations to identify
the controls to be implemented in compliance with OMB directives. Specifically, the EEOC
must review and update the identification of procedures performed using the new accounting
system (FCS) as well as the current duties of personnel interacting with the system. The
EEOC should meet with all process lead personnel to determine what controls are or should
be in place to ensure that fraud, waste, abuse, and misuse are not present in the charge card
program. The EEOC should identify all requirements in OMB Circular A-123, Appendix B,
and determine the procedures necessary to comply with the requirements and ensure that
policies and procedures are reviewed on an annual basis, or more frequently if substantial
changes have occurred in EEOC’s systems or if laws and regulations have been issued. This
will help to ensure that policies and procedures are appropriate for the current environment.
EEOC should develop a system to (1) identify and track all charge card activity, including
open accounts, closed accounts, cardholder approver levels, and cardholder training; (2)
perform an evaluation of service providers’ controls over the charge card program to ensure
that controls are appropriate and operating effectively; and (3) monitor all controls, whether
performed at EEOC or at a service provider, at least annually, to ensure that controls remain
adequate and continue to operate effectively.
EEOC should develop policies and procedures to identify and track all required training of
cardholders. Documentation should be maintained following National Archives and Records
Administration requirements for cardholders who have successfully completed training
requirements.
EEOC should develop controls over the retention of application documents for charge card
accounts.
EEOC should monitor controls over transaction approval, whether performed at EEOC or at a
service provider.
EEOC should implement policies and procedures regarding record retention for purchase and
travel card transactions.
EEOC should develop and implement policies to require reviews of total cardholder activity
to ensure compliance with monthly spending authority for all cardholders. Management
should maintain documentation of authority to exceed cardholders’ spending limits. Penalties
for exceeding authorized spending limits should be established and enforced.
26
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
EEOC should develop and implement policies and procedures to use data mining to monitor
charge card activity.
Fiscal Report
Year Number Report Title Date Issued
2008 2008-03-AMR Oversight of Federal Agency Reporting 09/26/2008
Management Directive 715 (MD-715) and
Related Topics
Open Recommendations:
EEOC should require Federal agencies to submit Part G of their Equal Employment
Opportunity assessment with their annual EEOC Management Directive MD-715
submissions.
As required by Section 5(a)(10) of the Inspector General Act of 1978, as amended, semiannual
reports must include a summary of each audit report issued before the start of the reporting
period for which no management decision has been made by the end of the reporting period. The
OIG has no audit or evaluation reports that were issued before the reporting period began for
which no management decision has been made.
27
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
THE INVESTIGATION PROGRAM
The Investigation Program supports the OIG’s strategic goal to focus
limited investigative resources on issues that represent the greatest risk
and offer the maximum opportunity to detect and prevent fraud, waste,
and abuse in EEOC programs and operations.
INVESTIGATIVE INQUIRIES
Investigative Inquires Received
October 1, 2015–March 31, 2016
Allegations Number
102
Charge processing
Other statutes 46
Title VII 73
Mismanagement 8
Ethics violations 5
Backgrounds 7
Theft 0
Threats 1
Fraud 2
Other criminal allegations 1
Congressional inquiries 1
Total 246
28
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
COMPLETED INVESTIGATIVE ACTIVITIES
Fraud/Theft
The OIG investigated an allegation of fraud involving a respondent employer who, based upon
information provided by a mediator under contract with the EEOC, issued a settlement payment
of $5,000 to the wrong person.
The investigation disclosed that the contract mediator (mediator) conducted a telephonic
mediation with the parties in an effort to resolve the allegations of discrimination contained in
the complaint brought by the charging party. The mediator had not received written authorization
to conduct the telephonic mediation. Further, he failed to exercise appropriate due diligence by
confirming the identity of the individual he believed to be the charging party.
The evidence establishes the two people with the same last name both had discrimination charges
with the EEOC against the respondent employer. As a result of the mediator’s failure to confirm
the identity of the charging party, he conducted the mediation with the wrong charging party.
The mediation resulted in a resolution of the charges that included a payment in the amount of
$5000. Subsequent to the settlement, the respondent’s counsel, who participated in the
mediation, discovered the discrepancy and alleged that fraudulent activity had occurred in the
mediation.
There is no evidence of any criminal intent on the part of the individual who received the
payment, and no evidence of any collusion between the mediator and the recipient of the
payment. No further action was warranted by the OIG and the matter was closed.
ONGOING INVESTIGATIVE ACTIVITIES
The OIG has ongoing investigations in several field offices involving ethics violations, conflicts
of interest, fraud, falsification of government records, misuse of travel and purchase cards,
misuse of position, and threats against the Agency.
29
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
APPENDIX I. FINAL OIG AUDIT AND EVALUATION REPORTS
Funds
Questioned Put to Unsupported
Report Title Date Issued
Costs Better Costs
Use
FY 2015 Agency Compliance
with the Federal Managers’ 11/13/15 $0 $0 $0
Financial Integrity Act
Audit of the EEOC’s FY 2015
Financial Statements 11/16/15 $0 $0 $0
FY 2015 Federal Information
Security Modernization Act 12/16/15 $0 $0 $0
Report
FY 2015 Financial Statement
Audit Management Letter 1/15/16 $0 $0 $0
Report
FY 2015 Risk Assessment of
EEOC’s Purchase Card 2/4/16 $0 $0 $0
Program
Report to OMB on Agency
Progress in Implementing the 2/5/16 $0 $0 $0
Government Charge Card
Abuse Prevention Act of 2012
30
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
APPENDIX II. INDEX OF REPORTING REQUIREMENTS
Inspector
General Act Reporting Requirements Page
Citation
Section 4(a)(2) Review of legislation and regulations N/A
Section 5(a)(1) Significant problems, abuses, and deficiencies 11–29
Recommendations with respect to significant problems,
Section 5(a)(2) 11-15
abuses, and deficiencies
Significant recommendations included in previous reports
Section 5(a)(3) 17–27
on which corrective action has not been completed
Section 5(a)(4) Matters referred to prosecutorial authorities N/A
Section 5(a)(5) Summary of instances where information was refused N/A
Section 5(a)(6) List of audit reports 16-17
Section 5(a)(7) Summary of significant reports 11–15
Section 5(a)(8) Questioned and unsupported costs 30
Section 5(a)(9) Recommendations that funds be put to better use 30
Summary of audit reports issued before the commencement
Section 5(a)(10) of the reporting period for which no management decision 27
has been made
Significant management decisions that were revised during
Section 5(a)(11) N/A
the reporting period
Significant management decisions with which the office of
Section 5(a)(12) N/A
inspector general disagreed
31
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
APPENDIX III. SINGLE AUDIT ACT REPORTS
The Single Audit Act of 1984 requires recipients of Federal funds to arrange for audits of
their activities. Federal agencies that award these funds must receive annual audit reports
to determine whether prompt and appropriate corrective action has been taken in response
to audit findings. During the reporting period, the OIG received one audit report issued
by a public accounting firm concerning a Fair Employment Practice Agency (FEPA) that
has a work-sharing agreement with EEOC. Thus, no audit findings for the FEPA
involved EEOC funds.
32
OIG Semiannual Report October 1, 2015–March 31, 2016
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT
33
OIG Semiannual Report October 1, 2015–March 31, 2016
Semiannual Report: Oct-Mar 2016
Published by the Equal Employment Opportunity Commission, Office of Inspector General on 2016-05-01.
Below is a raw (and likely hideous) rendition of the original report. (PDF)