oversight

Semiannual Report: Oct-Mar 2017

Published by the Equal Employment Opportunity Commission, Office of Inspector General on 2017-06-13.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

    U.S. Equal Employment Opportunity Commission




                     Office of Inspector General

                 Semiannual Report to the U.S. Congress
                  




                       October 1, 2016 - March 31, 2017
 

 

                              Milton A. Mayo Jr.

                               Inspector General
                         OIG VISION

Effective, efficient and accountable oversight of Agency programs,
                      operations, and personnel.




                        OIG MISSION

   To detect and prevent waste, fraud, and abuse and promote
   economy, efficiency, and effectiveness in the programs and
 operations of the Equal Employment Opportunity Commission.
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Contents
Message from the Inspector General …………………………………………...                       3

Executive Summary ……………………………………………………………                                    4

Introduction ……………………………………………………………………                                      5

The Audit and Evaluation Program ……………………………………………                           7

Completed Projects
New and Ongoing Audit and Evaluation Projects
Proposed Projects
Cooperative Audit Resolution Oversight Initiative
Audit Follow-up

The Investigation Program …………………………………………………….                              22

Investigative Inquiries
Completed Investigative Activities
Ongoing Investigative Activities

Appendices …………………………………………………………………….                                     24
Appendix I.    Final OIG Audit, Evaluation, and Review Reports
Appendix II.   Investigative Statistical Report
Appendix III.  Report on each investigation conducted by the Office involving a senior
               government employee where allegations of misconduct were substantiated
Appendix IV.   A detailed description of any instance of whistleblower retaliation
Appendix V.    A detailed description of any attempt by the establishment to interfere with the
               independence of the Office
Appendix VI.   Detailed description of the particular circumstance
Appendix VII.  Index of Reporting Requirements
Appendix VIII. Single Audit Act Reports
Appendix IX.   Peer Review Reporting




                                                                                                  1
            OIG Semiannual Report                   October 1, 2016–March 31, 2017
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	




             THIS PAGE INTENTIONALLY LEFT BLANK




                                                               2
   OIG Semiannual Report      October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Message from the Inspector General

In accordance with the Inspector General Act of 1978, as amended, I am pleased to submit this
Semiannual Report to Congress summarizing activities of the U.S. Equal Employment Opportunity
Commission’s (EEOC), Office of Inspector General (OIG), for the 6-month period that ended March
31, 2017. The OIG is a multidisciplinary organization that provides independent, objective oversight for
the EEOC programs, operations, and personnel. Section 5 of the Inspector General Act of 1978, as
amended, requires the Agency Head to transmit this semiannual report to the appropriate committees or
subcommittees, of the U.S. Congress within 30 days of its receipt. Also, as requested, we are providing
a copy of our semiannual report to Chairmen Grassley and Johnson.

On December 16, 2016, President Obama signed into law H.R. 6450, the Inspector General
Empowerment Act of 2016, (IG Empowerment Act). The IG Empowerment Act strengthens federal
Inspectors’ General ability to have timely and complete access to Agency data, information, and
materials needed to identify and address Agency fraud, waste, and abuse related to agency programs
and operations. The passage of this law enhances our ability to fully carry out our mandate to
independently and objectively conduct and supervise audits, evaluations, inspections, and
investigations; prevent and detect fraud, waste, and abuse; and promote economy, effectiveness, and
efficiency in programs and operations.

During the reporting period, President Donald J. Trump appointed Commissioner Victoria A. Lipnic to
serve as Acting Chair of the Agency, taking the place of Chair Jenny R. Yang. We would like to thank
Chair Yang for her dedicated service and leadership during her tenure as Chair. We look forward to
working with Acting Chair Lipnic, Agency senior leadership, the Commissioners, and the EEOC
community at-large as we continue to perform our mission of detecting and preventing waste, fraud, and
abuse and promoting economy, efficiency, and effectiveness in the programs and operations of the Equal
Employment Opportunity Commission.


Respectfully submitted,




Milton A. Mayo Jr.
Inspector General




                                                                                                      3
            OIG Semiannual Report                    October 1, 2016–March 31, 2017
       EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Executive Summary
This semiannual report is issued by the Equal Employment Opportunity Commission’s (EEOC’s),
Office of Inspector General (OIG) pursuant to the Inspector General Act of 1978, as amended. It
summarizes our activities and accomplishments for the period October 1, 2016 through March 31, 2017.

During this period, our office issued three final audit/evaluation reports, and two reviews. Our office
received 360 hotline inquiries: of which 129 were charge processing; 124 were complaints related to
Title VII of the Civil Rights Act of 1964, as amended; and 107 were other investigative allegations.

Our completed, newly initiated, ongoing, and preliminary survey projects include the following:

Completed

       Harper, Rains, Knight & Company, P.A. (HRK), audited the financial statements of the EEOC
        for FY 2016 and issued an unmodified opinion;
       HRK issued the Management Letter Report for FY 2016 Financial Statement Audit. The
        Management Letter Report, prepared by HRK, provides additional information regarding a
        significant deficiency contained in the Financial Statement Audit;
       Brown & Company CPAs and Management Consultants, PLLC (Brown & Company) conducted
        an independent evaluation of EEOC’s information security program for FY 2016. Based on this
        evaluation, the EEOC continued to make positive strides in addressing information security
        weaknesses. However, the Agency still faces challenges to fully implement information security
        requirements as stipulated in various federal guidelines and mandates;
       Our annual report to the Chair validated the Agency’s compliance with the Federal Managers’
        Financial Integrity Act (FMFIA). We concluded that the Agency’s management control
        evaluation was conducted in accordance with FMFIA and applicable OMB regulations; and
       Our Digital Accountability and Transparency Act (DATA Act) Readiness Review concluded
        that the EEOC was on schedule to comply with DATA Act reporting requirements.

Ongoing, Newly Initiated and Proposed Projects

       We have contracted with the public accounting firm of Harper, Rains, Knight & Co. (HRK),
        P.A., to perform the FY 2017, EEOC Financial Statement Audit. Work is currently ongoing.
       We are conducting our periodic risk assessment of the EEOC purchase card program, including
        convenience checks and travel cards, to determine the frequency and scope of future audits.
       Evaluation of EEOC’s Use of Data Analytics.
       Evaluation of EEOC’s Interagency Agreements.
       FY 2017 Independent Evaluation of EEOC’s Compliance with the Federal Information Security
        Modernization Act of 2014.
       Our office has ongoing investigations in several field offices involving such matters as: ethics
        violations, conflicts of interest, misuse of position, mismanagement, false statements, and
        falsification of government records.




                                                                                                      4
             OIG Semiannual Report                   October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Introduction
The Equal Employment Opportunity Commission
The Equal Employment Opportunity Commission (EEOC) is the Federal agency responsible for
enforcement of Title VII of the Civil Rights Act of 1964, as amended, the Equal Pay Act of 1963, the
Age Discrimination in Employment Act of 1967, Sections 501 and 505 of the Rehabilitation Act of 1973
(in the Federal sector only), Title I of the Americans with Disabilities Act of 1990 and the Americans
with Disabilities Act Amendments Act of 2008, Sections 102 and 103 of the Civil Rights Act of 1991,
the Lilly Ledbetter Fair Pay Act of 2009, and the Genetic Information Nondiscrimination Act of 2008.
These statutes prohibit employment discrimination based on race, sex, color, religion, national origin,
age, disability, and genetic information.
EEOC is also responsible for carrying out Executive Order 12067, which promotes coordination and
minimizes conflict and duplication among Federal agencies that administer statutes or regulations
involving employment discrimination.
EEOC is a bipartisan commission composed of five presidentially-appointed members, which include a
Chair, a Vice Chair, and three Commissioners. The Chair is responsible for the administration and
implementation of policy and for the Commission’s financial management and organizational
development. The Vice Chair and the Commissioners equally participate in developing and approving
EEOC policies, issuing charges of discrimination where appropriate, and authorizing the filing of
lawsuits. In addition, the President appoints a General Counsel who is responsible for conducting
litigation under the laws enforced by the Commission.
Currently, the Agency has an Acting Chair and three presidentially-appointed Commissioners. The
General Counsel position is vacant.

The Office of Inspector General
The U.S. Congress established the Office of Inspector General at EEOC through the 1988 amendments
to the Inspector General Act of 1978. These amendments expanded the authority of designated Federal
entities to create independent and objective OIGs. Under the direction of the Inspector General (IG), the
OIG meets this statutory responsibility by conducting and supervising audits, evaluations, and
investigations relating to Agency programs and operations. The OIG provides leadership, coordination
and recommendations concerning policies for activities designed to promote economy, efficiency, and
effectiveness in administering programs and operations.
The Inspector General Reform Act of 2008 (Public Law No.110-409) strengthened the independence of
IGs, increased their resources and held them more accountable for their performance. The OIG is under
the supervision of the IG, an independent EEOC official subject to general supervision by the Chair.
The IG must not be prevented or prohibited by the Chair or any other EEOC official from initiating,
carrying out, and/or completing any audit, investigation, evaluation, or other inquiry or from issuing any
report.
The Inspector General Empowerment Act of 2016 (Public Law No. 114-317) further strengthened the
independence of the IG. The Empowerment Act enhances the IG’s ability to fight waste, fraud, abuse,
and misconduct, protects whistleblowers who share information with an IG, increases government

                                                                                                        5
             OIG Semiannual Report                    October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

transparency, and bolsters the public’s confidence in the independence of IGs. The Empowerment Act
also ensures the IG has “timely access to all records, reports, audits, reviews, documents, papers,
recommendations, or other materials” that are related to the oversight of their respective agency’s
programs and operations.
The IG provides overall direction, coordination, and leadership to the OIG. The IG is the principal
advisor to the Chair regarding all audit, evaluation, and investigative matters relating to the prevention,
identification, and elimination of fraud, waste, and abuse in any EEOC program or operation. The IG
strives to ensure effectiveness and efficiency of Agency programs and operations and recommends the
proper boundaries of audit and investigative jurisdiction between the OIG and other EEOC
organizations. The IG also develops a separate and independent annual budget for the OIG, responds
directly to inquiries from the public, Congress, or the news media, and prepares press releases,
statements, and other information about the OIG’s activities.
The Deputy Inspector General serves as the IG’s alter ego and participates fully in policy development
and has primary responsibility for the management of the OIG’s audit, evaluation, investigation, and
support operations. Since January 2010, the Counsel to the IG has served and continues to serve as the
Acting Deputy Inspector General.
The Counsel to the Inspector General is the sole legal advisor in the OIG, providing day-to-day oversight
of the OIG’s investigative work, and is the primary liaison with Agency legal components and the
Department of Justice.
In addition to these positions, the OIG staff includes a chief technology officer, an evaluator, two
auditors, two criminal investigators, and an administrative specialist.
As mentioned in the previous Semiannual Report, the Deputy Inspector General and Confidential
Support Assistant positions remain vacant. The OIG anticipates that the position of Senior Auditor will
become vacant during the third quarter of this fiscal year.




                                                                                                         6
             OIG Semiannual Report                    October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

                  The Audit and Evaluation Program
                  The Audit and Evaluation Program supports the OIG’s strategic goal of improving
                  the economy, efficiency, and effectiveness of EEOC programs, operations, and
                  activities.




Completed Audits, Evaluations, and Reviews
Audit of the EEOC’s Fiscal Year 2016 Financial Statements (OIG Report
No. 2016-01-AOIG)

On November 15, 2016, our office issued its Fiscal Year (FY) 2016 Financial Statements Audit of the
EEOC. The independent public accounting firm of Harper, Rains, Knight & Company, P.A. (HRK),
audited the financial statements of the EEOC for FY 2016 and issued an unmodified opinion. HRK
reported that the EEOC’s FY 2016 financial statements and notes were fairly presented in all material
aspects and in accordance with generally accepted accounting principles. As reported previously, the
lack of sufficient controls regarding supporting documentation for payroll expenses continues to be an
Agency significant deficiency. HRK noted no instances of noncompliance or other matters that were
required to be reported under Government Auditing Standards or the Office of Management and Budget
(OMB) Bulletin 15-02, Audit Requirements for Federal Financial Statements.
Management Letter Report for FY 2016 Financial Statements Audit (OIG Report No. 2016-02-
AOIG)

On January 17, 2017, our office issued the Management Letter Report for the FY 2016 Financial
Statements Audit. The Management Letter Report prepared by HRK provided additional information
about the significant deficiency contained in the Financial Statements Audit Report. This report also
identified other control weaknesses. The Management Letter Report identified internal control
deficiencies in the following areas:

Appendix A-I Identified Deficiencies:
    Standard Operating Procedures
    Noncompliance with Requirements of Federal Managers’ Financial Integrity Act (FMFIA)
    Internal Control over Central Accounting and Reporting System (CARS)
    Management Review and Approval
    Internal Control over Financial Reporting

Appendix A-II Significant Deficiency:
    Lack of Sufficient Controls Over Supporting Documentation for Payroll Expenses

Agency senior management concurred with all findings and recommendations.



                                                                                                    7
            OIG Semiannual Report                   October 1, 2016–March 31, 2017
       EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance
with Provisions of the Federal Information Security Modernization Act of 2014 (FISMA) (OIG
Report No. 2016-08-EOIG)

On January 7, 2017, our office issued its Independent Evaluation of EEOC’s Compliance with
Provisions of the Federal Information Security Modernization Act of 2014 (FISMA). For FY 2016, we
contracted with Brown & Company CPAs and Management Consultants, PLLC (Brown & Company)
to conduct the independent evaluation. Based on the results of its independent evaluation, Brown &
Company concluded that the EEOC continued to make progress in addressing information security
weaknesses. However, the agency still faces challenges to fully implement information security
requirements as stipulated in various federal guidelines and mandates.
Agency senior management concurred with all reported findings and recommendations.

Agency Compliance with the Federal Managers’ Financial Integrity Act (OIG Report No. 2016-
08-AOIG)

On November 14, 2016, our office issued its annual report to the Chair, validating the Agency’s
compliance with the Federal Managers’ Financial Integrity Act (FMFIA). The Office of Management
and Budget Circular A-123, Management’s Responsibility for Internal Control, as implemented by
EEOC Order 195.001, Management Accountability and Controls, requires the OIG to annually provide
a written advisory to the head of the Agency that the Agency’s management control evaluation process
complied with the Office of Management and Budget (OMB) guidelines.

We concluded that the Agency’s management control evaluation was conducted in accordance with
FMFIA and applicable OMB regulations.

DATA Act Readiness Review (OIG Report No. 2017-03-AOIG)

On March 30, 2017, our office issued its Digital Accountability and Transparency Act (DATA Act)
Readiness Review. The objective of the review was to gain an understanding of the processes, systems,
and controls which the EEOC implemented or planned to implement to report Agency expenditures in
accordance with the DATA Act reporting requirements. Based on the review, our office made three
suggestions to EEOC to better implement the DATA Act. The suggestions were:

       The EEOC’s Senior Accountable Officer (SAO) should establish a workgroup in accordance
        with the DATA Act Playbook to provide oversight of the DATA Act implementation;
       The SAO should fully document the specific roles between the EEOC and its shared service
        provider, the Interior Business Center (IBC). Also, EEOC should continue to work closely with
        IBC to stay current of progress and any challenges that may arise; and
       That the EEOC should prepare an Implementation Plan in accordance with the DATA Act
        Playbook.




                                                                                                   8
             OIG Semiannual Report                 October 1, 2016–March 31, 2017
       EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

New and Ongoing Audit and Evaluation Projects
FY 2017 Audit of the Consolidated EEOC Financial Statements

Our office recently exercised the second option year of its contract with the public accounting firm HRK
to perform the 2017 Financial Statements Audit of the EEOC. Fieldwork is ongoing and the audit
opinion will be included in the Agency’s 2017 Performance Accountability Report (PAR). Upon
issuance of the Financial Statements Audit report, HRK will issue a Management Letter identifying
other internal control deficiencies.

Improper Payments Reporting for FY 2016

Our office requested information from EEOC management to assist in identifying and reporting
erroneous or improper payments for FY 2016. The Improper Payment Information Act (IPIA) of 2002,
as amended by the Improper Payments Elimination and Recovery Improvement Act of 2012 (IPERIA)
and the Improper Payments Elimination and Recovery Act of 2010 (IPERA), requires agencies to
estimate and report on improper payments, and agency actions to reduce them, to the President and
Congress.
Risk Assessment of EEOC Purchase Card Program

In accordance with the Government Charge Card Abuse Prevention Act of 2012 (Public Law No. 112-
194), we are conducting our periodic risk assessment of the EEOC purchase card program, including
convenience checks and travel cards, to determine the frequency and scope of future audits.
FY 2017 Independent Evaluation of the Agency’s Adherence to the Federal Information Security
Modernization Act of 2014

The public accounting firm of Brown and Company, CPAs PLLC., will perform the FY 2017
Independent Evaluation of the Agency’s adherence to the Federal Information Security Modernization
Act (FISMA) of 2014.

Proposed Projects
We conducted planning during the reporting period for two projects.
Evaluation of EEOC’s Use of Data Analytics

The overall objective is to assess EEOC’s data analytic strategies and capabilities. Planned work
includes:

       Assess the strengths and weaknesses of EEOC’s data analytics culture, strategy and tactics, and
        capabilities (people, processes, technologies, and financial resources)
       Assess EEOC’s strategies for ensuring the validity and accuracy of EEOC’s most critical
        databases (field and headquarters)
       Assess key documents that relate to EEOC’s analytical capabilities


                                                                                                      9
             OIG Semiannual Report                   October 1, 2016–March 31, 2017
       EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

       Assess EEOC’s strategies and capabilities regarding predictive analysis using available EEOC
        datasets
       Identify improvements, opportunities, and best practices, regarding EEOC’s data analytics
        activities and predictive analysis

Work on this project is scheduled to begin in August 2017.
Evaluation of EEOC’s Interagency Agreements

We plan to assess the business approach and management of EEOC’s memoranda of understanding and
other interagency agreements. Planned work includes:
     Identify areas of potential cost savings
     Identify areas of possible improvement regarding development, management and compliance
        with agreements.

Work regarding this evaluation is scheduled to begin in June 2017.




                                                                                                 10
             OIG Semiannual Report                  October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Audit Follow-Up
Audit follow-up is an integral part of good management and is a shared responsibility of Agency
management officials and auditors. Corrective action taken by management to resolve findings and
recommendations is essential to improving the effectiveness and efficiency of Agency operations.

Section 5(a)(1) of the Inspector General Act of 1978, as amended, requires that semiannual reports
include a summary description of significant problems, abuses, and deficiencies relating to the Agency’s
administration of programs and operations disclosed by the OIG during the reporting period. Five new
reports were issued during this reporting period (October 1, 2016–March 31, 2017). Three of those
reports contained recommendations.

                       Reports Issued During This Reporting Period


    Fiscal Year       Report Number          Report Title        Date Issued         Findings and
                                                                                   Recommendations
       2017           2016-08-AOIG             Agency             11/14/2016              No
                                          Compliance with
                                             the Federal
                                             Managers’
                                              Financial
                                           Integrity Act
       2017           2016-01-AOIG            FY 2016             11/15/2016              Yes
                                              Financial
                                          Statement Audit
                                           of the EEOC
       2017           2016-02-AOIG            FY 2016             01/17/2017              Yes
                                           Management
                                           Letter Report
       2017            2016-08-EOIG        2016 Federal           01/07/2017              Yes
                                            Information
                                               Security
                                          Management Act
                                            Independent
                                             Evaluation
       2017           2017-03-AOIG          DATA ACT              03/30/2017               No
                                              Readiness
                                               Review




                                                                                                     11
              OIG Semiannual Report                  October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

As required by Section 5(a)(3) of the Inspector General Act of 1978, as amended, semiannual reports
shall provide an identification of each significant recommendation described in previous semiannual
reports on which corrective action has not been completed.

We are reporting 16 reviews with a total of 58 open recommendations for this reporting period. The
following table shows these recommendations for which corrective actions have not been completed.

Cooperative Audit Resolution Oversight Initiative (CAROI)
In FY 2012, we piloted the Cooperative Audit Resolution Oversight Initiative (CAROI) to improve
resolution of recommendations contained in OIG reports that require audit follow-up. During the
reporting period, recommendations from two projects were closed using CAROI.


       Audit, Evaluation, or Review Name                   Number of Recommendations
                                                                     Closed
    Performance Audit of EEOC Charge Card                               5
                   Program
     An Exploratory Evaluation of EEOC’s                                13
                  Litigation




                                                                                                12
            OIG Semiannual Report                 October 1, 2016–March 31, 2017
      EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Recommendations for Which Corrective Actions Have Not Been Completed

  Fiscal
  Year       Report Number        Report Title                                             Date Issued

  2016       2015-01-LIT            An Exploratory Evaluation of EEOC’s                    7/8/16
                                            Litigation Activities

      Provide all Priority Charge Handling Process (PCHP) definitions and criteria for classifying
       charges in one document that also explains the relationship between “SA” classifications,
       systemic cases, and Strategic Enforcement Plan (SEP)/District Complement Plan (DCP)
       priorities.
      Provide more guidance regarding the field attorneys’ expected role in the priority charge
       handling procedures, including how systemic cases fit into operational directives.
      Emphasize the need for attorneys to explain to investigators when decisions are made whether
       to litigate or pursue another course of action, especially when the investigator had spent
       considerable time developing the case.
      Examine whether ORIP and Research and Analytic Services (RAS) should continue to be
       siloed in their efforts to provide expert statistical analysis and investigate the reported concerns
       about the timeliness and, in some cases, the substance of statistical analyses prepared during
       the investigative process.
      Investigate options for addressing the inefficiencies inherent in the rigid separation of ORIP and
       RAS statistical analytic services.
      Develop a process for tracking compliance with injunctive relief contained in consent decrees
      Reexamine the EEOC’s performance measurements.
      Examine the EEOC’s exit-interview process and the findings from these interviews to better
       understand reasons for turnover.

  Fiscal
  Year       Report Number                            Report Title                           Date Issued

   2016       2015-01-FIN             FY 2015 Financial Statement Audit                       11/16/15
      EEOC should update its controls over the maintenance of its official personnel files and perform
       a thorough review of its employees’ personnel files to ensure that documentation is current and
       complete.




                                                                                                        13
            OIG Semiannual Report                     October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Fiscal
Year       Report Number                          Report Title                         Date Issued

2015       2015-02-FIN             FY 2014 Financial Statement Audit                    1/15//16
                                      Management Letter Report

    Developing an assessment of EEOC’s internal control process in order to proactively manage
     and update internal controls. This should minimally consist of EEOC documenting what controls
     are performed by their shared services provider and what controls are performed at EEOC to
     ensure management has a clear understanding of their responsibilities.
    The EEOC office accountable for compiling the PAR creates and enforces internal deliverable
     milestones to ensure all OMB submission deadlines are met. These internal deliverable
     milestones should extend to all EEOC offices and require these offices to provide their content
     to EEOC’s accountable office prior to the established milestones. EEOC’s Office of the Chief
     Financial Officer (OCFO) should thoroughly review the final draft of the PAR prior to the
     submission to OMB and the auditors in order to minimize edits required close to the PAR’s final
     submission deadline. This review should include a review of the financial statements against
     various federal reporting guidelines and checklists, such as GAO’s FAM 2020 checklist for
     Federal Reporting Disclosures.

Fiscal
Year       Report Number                          Report Title                         Date Issued

2015          2015-03-            Independent Evaluation of Agency                      11/15/15
               EOIG              Adherence to the Federal Information
                                     Security Modernization Act

     EEOC should fully document, publish and enforce a CIO-approved organization-wide
     Information System Program Plan for common controls and hybrid controls across all systems
     and applications.
     EEOC should develop an organization-wide Information System Program Plan to include:
         o Names and contact information for the government and vendor partner personnel who
            are sharing responsibility for the definition and implementation of the EEOC common,
            hybrid, and application-specific controls.
         o An EEOC defined and approved population of common, hybrid and application controls.
         o A Memorandum of Understanding (MOU), or similar document, that acknowledges the
            government’s and vendor’s responsibility for designing and implementing their assigned
            portions of the population of EEOC National Institute of Standards and Technology
            (NIST) 800-53 Revision 4 controls.
    EEOC should complete this organization-wide security program objective by publishing its
     approved organization-wide Information Security Program Plan population of common, hybrid,
     and application controls and continuously monitoring its approved common controls and hybrid
     controls.

                                                                                                 14
          OIG Semiannual Report                  October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

    EEOC should develop an organization-wide risk management strategy and processes to manage
     risk to organizational operations and assets, in accordance with NIST guidelines.
    EEOC should develop, document, and implement a policy requiring FEPAs that collect, store,
     process, use and transmit EEOC data to implement information security controls that ensure data
     and access to data are secured. For example, the work-sharing agreement should include a clause
     that requires only authorized individuals access to the IMS system and that devices are updated
     with current system security patches and antivirus signatures before users connect to the system.
    EEOC should develop special security controls for Field Offices that align with the FMFIA of
     1982. In addition, we recommend the following improvements:
         o Assess the information systems security controls at the district, field and area offices.
         o Segregation of duties – Implement policies and procedure to ensure that managers do not
             have granting and approval rights for providing access to systems.
         o Segregation of duties – Implement policies and procedure to ensure managers do not
             have rights to both receive and store equipment.
         o System monitoring – Implement policies and procedure to ensure that IT staff have
             adequate skillsets to monitor information systems. In addition, provide annual network
             training.
         o Continuity of Operation Plan (COOP) and Disaster Recovery (DR) – Provide IT staff
             COOP and DR training.
         o Confidentiality – Implement policies and procedures to ensure that the IT staff maintains
             confidentiality of sensitive data.
         o Network security – Install network monitoring devices and port security.
         o Safeguarding – Lock investigator’s office doors after hours and when the office is vacant.
         o Physical security (Baltimore) – Ensure that third-party security officer contractors
             enforce the barring notices and the ID verification procedures; and
         o Physical Security to Baltimore EEOC’s IT room – Ensure that only authorized EEOC
             personnel has access to EEOC’s field office IT facilities.
    EEOC should implement multifactor authentication for remote access. Furthermore, EEOC
     should use multifactor authentication where one of the factors is provided by a device separate
     from the computer gaining access.
    EEOC should:
         o Develop Testing, Training & Evaluation (TT&E) programs to test or exercise the EEOC
             Business Continuity Planning (BCP) and IT Disaster Recovery Plan (DRP) at the HQ
             and field office levels and determine their operational effectiveness.
         o Conduct after-action reporting that addresses issues identified during
             contingency/disaster recovery exercises and incorporates them into HQ and field office
             plan updates.
         o Coordinate the HQ OIT BCP and IT DRP TT&E programs with the 53 EEOC field
             office’s programs to ensure adequate levels of emergency preparedness and IT disaster
             recovery capability across EEOC. Develop and perform testing of system-specific
             contingency plans for the following EEOC General Support Systems and major
             applications: Domain Name System (DNS); EEO-1 Survey System; Data Management
             System (DMS); and IMS.




                                                                                                   15
          OIG Semiannual Report                   October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

    EEOC build upon existing HQ configuration management policy and procedures to deploy
     automated tools and procedures that accurately and completely detect, identify, and account for
     changes to the information system component inventory.

Fiscal
Year       Report Number                           Report Title                          Date Issued

 2015       2014-03-OE            Evaluation of EEOC’s Outreach and                        5/8/15
                                          Education Program

    EEOC’s website needs to be updated when important events occur, perhaps in accordance with
     guidelines that EEOC’s Office of Communication and Legislative Affairs sets for itself
    EEOC and its district and field offices should routinely conduct follow-up through surveys with
     partners, perhaps three months after events.
    EEOC should provide resources for the regular analysis of Office of Field Programs charges to
     provide evidence of outreach and education success both for district, and field offices and
     nationally.

Fiscal
Year       Report Number                           Report Title                          Date Issued

 2015       2014-01-FIN            FY 2014 Financial Statement Audit                      11/17/14

    EEOC should update its controls over the maintenance of its official personnel files.
     Additionally, management should perform a thorough review of its employees’ personnel files
     to ensure that documentation is current and complete.
    EEOC should implement procedures to ensure that it has a complete understanding of its service
     providers’ policies and procedures.

Fiscal
Year       Report Number                           Report Title                          Date Issued

 2015       2014-02-FIN            FY 2014 Financial Statement Audit                      1/13/15
                                      Management Letter Report

    EEOC should monitor and enforce its policies and procedures over sensitive property. EEOC
     should monitor these controls to ensure that the controls remain adequate and continue to operate
     effectively.
    EEOC should update its policies and procedures to correctly state its current process.
    EEOC should monitor and enforce its policies and procedures over record retention for purchase
     and travel card transactions. EEOC should monitor these controls to ensure that the controls


                                                                                                   16
          OIG Semiannual Report                   October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

     remain adequate and continue to operate effectively. Additionally, management should enforce
     penalties, such as disciplinary action, including restitution to the government and/or dismissal.
    EEOC should implement and monitor controls to ensure approving officials’ review and
     approval is documented for each purchase and travel card transaction. The policy or procedure
     should establish an appropriate period of time for retention of records, monitoring by the
     purchase card program manager, and appropriate disciplinary actions for noncompliance.
    EEOC should follow its guidelines for all expense transactions. We also recommend developing
     an assessment of EEOC’s internal control process in order to proactively manage internal
     controls and get the most from them.
    EEOC should work with its service provider to implement internal controls that will catch all
     transactions with a zero-object class. A monthly review of expense transactions will identify
     those with a zero-object class.

Fiscal
Year       Report Number                             Report Title                           Date Issued

2015           2014-08-            FY 2014 Federal Information Security                      12/16/14
                EOIG                     Management Act Report

    Implementation of background checks for student interns to ensure that international visas are
     current.
    Development of policies and procedures to properly manage physical security access cards.
    Development of Continuity of Operations plans for field offices.
    Improved control over physical access to the data center and technology storage room.

Fiscal
Year       Report Number                             Report Title                           Date Issued

2014        2013-08-PSA              Performance Audit of the Agency’s                         9/4/14
                                        Personnel Security Program

    Identify all EEOC employees with:
         o current or prior access to classified national security information;
         o a current adjudicated security clearance and the sponsoring agency, if applicable; and
         o special access or interim clearance and the sponsoring agency, if applicable.
    Develop and implement policies and procedures to address the safeguarding, transfer, storage,
     or disposal of classified information. The policy should include the requirements for
     memorandums of understanding (MOUs) between agencies.
    Implement a formalized training program for individuals who use classified information as a part
     of their duties. If an external agency is to assume the responsibility of training these individuals,
     this agreement should be documented in an MOU.




                                                                                                       17
          OIG Semiannual Report                     October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

    Perform and document an assessment/evaluation of current classified information practices and
     safeguarding at headquarters and field offices to determine any noncompliance. Take immediate
     corrective action to address any noncompliance noted.
    Incorporate a review of controls over classified information in EEOC’s annual FMFIA process.
    Complete risk designations for the remaining estimated 194 EEOC covered positions.
    Review all employee electronic official personnel folders to ensure proper inclusion of the
     employee’s conflict of interest (COI) disclosure, and in instances where the documentation is
     missing, insert it.
    Explore using alternative staffing options, such as contract employees, part-time employees, or
     employees on detail in order to become current on risk designations, reinvestigations, the FPPS,
     COIs, and adjudication reporting. Document the process of deciding what type of employees to
     use for this work.
    Update and implement comprehensive policies and procedures for physical security. These
     policies and procedures should include but not be limited to the following:
          o Providing training for the Federal Supply Class member or designee at each field office
             location at least annually.
          o Developing and implementing an on-site field office security assessment program that
             includes performing assessments and/or spot checks of field office security measures by
             the OCFO on a rotational basis as it relates to Interagency Security Committee
             requirements.
          o Assisting field offices and ensuring that they correct noted security weaknesses or
             document acceptance of risk where EEOC has determined corrective action will not be
             taken.
    Revise the field office self-assessment checklist to include facility security and credentialing
     information.
    Immediately correct any known weaknesses. If EEOC decides not to correct a noted weakness,
     it should document this analysis and its acceptance of the associated risk.
    Increase coordination between OCFO and OFP to improve field office security posture,
     awareness, and training to ensure compliance with applicable EEOC orders and guides; with
     Facility Security Committees: An Interagency Security Committee (ISC) Standard, second
     edition, dated January 1, 2012; and with other applicable ISC standards.

Fiscal
Year        Report Number                          Report Title                         Date Issued

2014        2013-01-FIN-           FY 2013 Financial Statement Audit                     12/16/13

        EEOC should update and revise the manner in which it controls the maintenance of its official
         personnel files. Additionally, management should perform a thorough review of its employees’
         personnel files to ensure that documentation is current and complete. (Repeat finding from
         2012)




                                                                                                  18
           OIG Semiannual Report                  October 1, 2016–March 31, 2017
  EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Fiscal
Year        Report Number                          Report Title                         Date Issued

 2014        2013-02-FIN                FY 2013 Financial Statement                       1/31/14
                                         Management Letter Report

        EEOC management should consistently review and approve all documents as prescribed by its
         policies and procedures. Policies and procedures should be reviewed and updated to ensure they
         reflect the most current protocol.
        EEOC should establish and implement controls to prevent waste, fraud, and misuse in the credit
         card program. On an annual basis, EEOC should review and update the Charge Card Program
         Guide for substantial changes. Additionally, EEOC should monitor the controls to ensure that
         they are working effectively.

Fiscal
Year        Report Number                          Report Title                         Date Issued

 2014          2013-05-           FY 2013 Federal Information Security                   12/10/13
               FISMA                    Management Act Report

        The OIG recommends that the EEOC OIT implement multifactor authentication for remote
         access. further recommends that the multifactor authentication use one factor provided by a
         device separate from the computer gaining access. (Repeat finding from 2008)

Fiscal
Year        Report Number                          Report Title                         Date Issued

 2013       2012-09-REV                     Review of Evaluations                        04/09/13

        EEOC should document criteria for determining Category C charges.
        EEOC should investigate the merits of expanding the information it obtains related to employee
         hiring and terminations.

Fiscal
Year        Report Number                          Report Title                         Date Issued

 2013       2012-01-FIN             FY 2012 Financial Statement Audit                    11/16/12
                                                 Report

        EEOC should document and monitor implementation of all complementary user control
         considerations. (Repeat finding from 2010)

                                                                                                  19
           OIG Semiannual Report                  October 1, 2016–March 31, 2017
 EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	


Fiscal
Year          Report Number                           Report Title                      Date Issued

2013          2012-08-PUR             Performance Audit of EEOC Charge                   03/28/13
                                               Card Program

        EEOC should perform further analysis on its government charge card operations to identify the
         controls to be implemented in compliance with OMB directives. Specifically, the EEOC must
         review and update the identification of procedures performed using the new accounting system
         (FCS) as well as the current duties of personnel interacting with the system. The EEOC should
         meet with all process lead personnel to determine what controls are or should be in place to
         ensure that fraud, waste, abuse, and misuse are not present in the charge card program. The
         EEOC should identify all requirements in OMB Circular A-123, Appendix B, and determine
         the procedures necessary to comply with the requirements and ensure that policies and
         procedures are reviewed on an annual basis or more frequently if substantial changes have
         occurred in EEOC’s systems or if laws and regulations have been issued. This will help to
         ensure that policies and procedures are appropriate for the current environment.
        EEOC should monitor controls over transaction approval, whether performed at EEOC or at a
         service provider.
        EEOC should develop and implement policies to require reviews of total cardholder activity to
         ensure compliance with monthly spending authority for all cardholders. Management should
         maintain documentation of authority to exceed cardholders’ spending limits. Penalties for
         exceeding authorized spending limits should be established and enforced.

Fiscal
Year          Report Number                          Report Title                       Date Issued

2008         2008-03-AMR            Oversight of Federal Agency Reporting                09/26/08
                                     Management Directive 715 (MD-715)
                                             and Related Topics

        EEOC should require Federal agencies to submit Part G of their Equal Employment
         Opportunity assessment with their annual EEOC Management Directive MD-715 submissions.




                                                                                                 20
           OIG Semiannual Report                  October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

As required by Section 5(a)(10) of the Inspector General Act of 1978, as amended, semiannual reports
must include a summary of each audit report, inspection report, and evaluation report issued before the
commencement of the reporting period for which no management decision has been made by the end of
the reporting period (including the date and title of each such report), an explanation of the reasons such
management decision has not been made, and a statement concerning the desired timetable for achieving
a management decision on each such report:

    Fiscal          Number of            Number of          Dollar Value            For which no
    Year           Reports with        Unimplemented        of Aggregate       establishment comment
                 Unimplemented        Recommendations         Potential        was returned within 60
                Recommendations                             Cost Savings        days of providing the
                 (such as report                                                     report to the
                    title, report                                                   establishment
                number, hyperlink
                  to report, etc.)
    2017                   0                   0                   0                     N/A

We have no audit, evaluation, or review reports that were issued before the reporting period began for
which no management decision has been made. We do not issue inspection reports.




                                                                                                        21
             OIG Semiannual Report                    October 1, 2016–March 31, 2017
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	


       The Investigation Program
       The Investigation Program supports the OIG’s strategic goal to focus limited
       investigative resources on issues that represent the greatest risk and offer the
       maximum opportunity to detect and prevent fraud, waste, and abuse in EEOC
       programs and operations


                            Investigative Inquiries
                     Investigative Inquires Received
                    October 1, 2016 – March 31, 2017

                    Allegations                Number

        Charge Processing                               129

        Other Statutes                                    84

        Title VII                                       124

        Mismanagement                                      6

        Ethics Violations                                  2

        Backgrounds                                        5

        Theft                                              2

        Threats                                            4

        Fraud                                              0

        Other Criminal Allegations                         4

        Congressional Inquiries                            0

        Total                                           360




                                                                                    22
   OIG Semiannual Report                October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Completed Investigative Activities

During the semiannual period, our office issued no final investigative reports.

Ongoing Investigative Activities

Our office has ongoing investigations in several field offices involving such matters as: ethics violations,
conflicts of interest, misuse of position, mismanagement, false statements, and falsification of
government records.




                                                                                                         23
             OIG Semiannual Report                     October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Appendices

Appendix I.

Final OIG Audit, Evaluation, and Review Reports

                                 Date      Questioned   Funds Put to   Unsupported
       Report Title
                                Issued       Costs       Better Use       Costs
  Agency Compliance with
   the Federal Managers’
                              11/14/2016      $0            $0             $0
   Financial Integrity Act
     FY 2016 Financial
   Statement Audit of the
                              11/15/2016      $0            $0             $0
           EEOC
     2016 Independent
 Evaluation of the Agency’s
    Compliance with the
                              01/07/2017      $0            $0             $0
    Federal Information
 Security Modernization Act
           of 2014
   FY 2016 Management
        Letter Report         01/17/2017      $0            $0             $0
   DATA Act Readiness
       Review Report          03/30/2017      $0            $0             $0




                                                                                     24
           OIG Semiannual Report              October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Appendix II.

Investigative Statistical Report


               Report Title                                         Number

   Total number of investigative reports
                                                                         0
  Total number of persons referred to the
     Department of Justice for criminal
                                                                         0
  prosecution during the reporting period
 Total number of persons referred to State
    and local prosecuting authorities for
 criminal prosecution during the reporting                               0
                    period
 Total number of indictments and criminal
  information during the reporting period
   that resulted from any prior referral to                              0
           prosecuting authorities

Appendix III.

A report on each investigation conducted by the Office involving a senior
government employee where allegations of misconduct were substantiated

Report Name:                        Report Number                            Date Issued

   Facts and circumstances of the       (B) the status and disposition of the matter, including-
           investigation                (i) if the matter was referred to the Department of
                                        Justice, the date of the referral; and
                                        (ii) if the Department of Justice declined the referral, the
                                        date of the declination

                N/A                                                N/A




                                                                                                  25
           OIG Semiannual Report                   October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Appendix IV.

A detailed description of any instance of whistleblower retaliation.

   Information about the official found to         Consequences the establishment imposed to
        have engaged in retaliation                      hold that official accountable


                      N/A                                            N/A


Appendix V.
A detailed description of any attempt by the establishment to interfere with the
independence of the Office.


                     Issue                                        Description


 With budget constraints designed to limit the
                                                                     N/A
          capabilities of the Office

     Incidents where the establishment has
 resisted or objected to oversight activities of
     the Office or restricted or significantly
                                                                     N/A
 delayed access to information, including the
   justification of the establishment for such
                      action




                                                                                               26
            OIG Semiannual Report                  October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Appendix VI.
Detailed descriptions of the particular circumstances.


                    Issue                                    Description

  Inspection, evaluation, and audit conducted
    by the Office that is closed and was not                    N/A
            disclosed to the public
    Investigation conducted by the Office
  involving a senior Government employee
  that is closed and was not disclosed to the                   N/A
                     public




                                                                                 27
            OIG Semiannual Report               October 1, 2016–March 31, 2017
    EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Appendix VII.
Index of Reporting Requirements

 Inspector General
                                Reporting Requirements                      Page
    Act Citation

  Section 4(a)(2)    Review of Legislation and Regulations                  N/A

  Section 5(a)(1)    Significant Problems, Abuses, and Deficiencies         7-8

                     Recommendations with Respect to Significant
  Section 5(a)(2)                                                           7-8
                     Problems, Abuses, and Deficiencies


                     Significant Recommendations Included in
  Section 5(a)(3)    Previous Reports on Which Corrective Action           13-20
                     Has Not Been Completed

  Section 5(a)(4)    Matters Referred to Prosecutorial Authorities          N/A

                     Summary of Instances Where Information Was
  Section 5(a)(5)                                                           N/A
                     Refused

  Section 5(a)(6)    List of Audit Reports                                   11

  Section 5(a)(7)    Summary of Significant Reports                         7-8

  Section 5(a)(8)    Questioned and Unsupported Costs                        24

                     Recommendations That Funds Be Put to Better
  Section 5(a)(9)                                                            24
                     Use

                     Summary of each audit report, inspection
                     reports, and evaluation reports issued before the
                     commencement of the reporting period:(A) for
                     which no management decision has been made
                     by the end of the reporting period (including the
  Section 5(a)(10)   date and title of each such report), an                 21
                     explanation of the reasons such management
                     decision has not been made, and a statement
                     concerning the desired timetable for achieving a
                     management decision on each such report;




                                                                                   28
           OIG Semiannual Report                 October 1, 2016–March 31, 2017
  EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

                   (B) for which no establishment comment was
                   returned within 60 days of providing the report
                   to the establishment; and
                   (C) for which there are any outstanding
                   unimplemented recommendations, including the
                   aggregate potential cost savings of those
                   recommendations.


                   Significant Management Decisions That Were
Section 5(a)(11)                                                          N/A
                   Revised During the Reporting Period

                   Significant Management Decisions with Which
Section 5(a)(12)                                                          N/A
                   the Office of Inspector General Disagreed

                   Statistical tables showing:
                   (A) the total number of investigative reports
                   issued during the reporting period;
                   (B) the total number of persons referred to the
                   Department of Justice for criminal prosecution
                   during the reporting period;
                   (C) the total number of persons referred to State
                                                                           25
                   and local prosecuting authorities for criminal
Section 5(a)(17)   prosecution during the reporting period; and
                   (D) the total number of indictments and criminal
                   information during the reporting period that
                   resulted from any prior referral to prosecuting
                   authorities.

                   A report on each investigation conducted by the
                   Office involving a senior Government employee
                   where allegations of misconduct were
                   substantiated, including a detailed description
                   of:
                   (A) the facts and circumstances of the
                   investigation; and
Section 5(a)(19)                                                           25
                   (B) the status and disposition of the matter,
                   including:
                   (i) if the matter was referred to the Department
                   of Justice, the date of the referral; and
                   (ii) if the Department of Justice declined the
                   referral, the date of the declination.




                                                                                29
         OIG Semiannual Report                 October 1, 2016–March 31, 2017
  EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

                   A detailed description of any instance of
                   whistleblower retaliation, including information
                   about the official found to have engaged in
Section 5(a)(20)                                                            26
                   retaliation and what, if any, consequences the
                   establishment imposed to hold that official
                   accountable.
                   A detailed description of any attempt by the
                   establishment to interfere with the independence
                   of the Office, including
                   (A) with budget constraints designed to limit the
                   capabilities of the Office; and
Section 5(a)(21)                                                            26
                   (B) incidents where the establishment has
                   resisted or objected to oversight activities of the
                   Office or restricted or significantly delayed
                   access to information, including the justification
                   of the establishment for such action.
                   Detailed descriptions of the particular
                   circumstances of each:
                   (A) inspection, evaluation, and audit conducted
                   by the Office that is closed and was not
Section 5(a)(22)                                                            27
                   disclosed to the public; and
                   (B) investigation conducted by the Office
                   involving a senior Government employee that is
                   closed and was not disclosed to the public.




                                                                                 30
         OIG Semiannual Report                  October 1, 2016–March 31, 2017
     EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	

Appendix VII.
Single Audit Act Reports
During the reporting period, our office received no audit reports issued by public accounting firms
concerning FEPAs that have work-sharing agreements with EEOC.

Appendix VIII.
Peer Review Reporting
Offices of Inspector General are required to include its peer review results as an appendix in semiannual
reports to Congress in accordance with section 989C of the Dodd-Frank Wall Street Reform and
Consumer Protection Act (P.L. 111-203).
Peer Review of the OIG Audit Function
The Federal Trade Commission (FTC), OIG conducted a peer review of the system of quality control
for our office’s audit function for the period ending March 31, 2014. Their report, which was issued
December 8, 2014, offered a modified opinion that our office has established policies and procedures
that were current and consistent with applicable professional standards. The FTC OIG gave our office a
pass rating and made no recommendations. Our next peer review will cover the period ending March
31, 2017.




                                                                                                      31
             OIG Semiannual Report                   October 1, 2016–March 31, 2017
EEOC OFFICE OF INSPECTOR GENERAL SEMIANNUAL REPORT	




                                                            32
   OIG Semiannual Report   October 1, 2016–March 31, 2017