The General Service Administration's Office of the Inspector General released its semiannual report to Congress on May 31, detailing a litany of contracts audits from the first six months of fiscal 2017.
The report tracks the OIG actions from October 2016 to March 2017, like pre-award audits for contracts worth a total of $2.2 billion, offering recommendations on how to better spend $204 million in funds.
But it's the details the investigators found in the audits that make the report a juicy read: From the exposure of personally identifiable information to health hazards in a federal office space, here are four highlights from the report:
Sensitive building information exposed on cloud computing networks, Jan. 26, 2017
In July 2014, the OIG found sensitive building information unsecured in GSA's Google cloud computing environment. The data included "sensitive information concerning child care centers, courthouses, water sources, building automation systems and security and fire alarm systems" accessible by GSA employees and contractors who were not cleared to possess the information.
Investigators felt the information was so sensitive that the OIG conducted implementation reviews of the six recommendations offered and didn't make their report public until January 2017.
Personally identifiable information exposed on cloud computing networks, Jan. 26, 2017
Investigators also found in January 2015 that the personal information of employees and contractors was accessible to GSA employees who were not cleared to see the information through the agency’s Google cloud computing environment.
After finding that breach notifications for those affected would be inadequate, the OIG offered eight recommendations to correct the problem.
An April 2015 implementation review found that GSA had yet to provide signed memorandums of understanding showing that Google site owners "accepted responsibility for operating and managing their sites in accordance with federal and GSA regulations and standards."
At the time of the report, GSA had yet to provide evidence that it had informed all of the individuals whose information was exposed.
Failure to enforce lease provisions led to health risk exposure for tenants, Jan. 27, 2017
Tipped by a fraud hotline call, investigators launched an audit of the Public Buildings Service’s maintenance of office space leased in the Kress Building in Tampa, Fla.
The OIG found that PBS had not enforced the terms of its lease at the building, which required it to hold the property owner accountable for repairs.
As a result of not seeking timely repairs from the lessor, investigators said PBS allowed employees to be exposed to "water intrusion, termites, poor ventilation, exterior deterioration" and black mold.
The OIG offered two recommendations: enforce the terms of the lease and ensure the repairs and maintenance were communicated to the lessor with an improved guidance plan.
The PBS regional commissioner concurred with both recommendations.
Inconsistencies in Professional Services contract price negotiations, March 21, 2017
Following the consolidation of professional services contracts into a single vehicle in 2015, the OIG investigated whether the price evaluations and negotiations of the converted contracts complied with federal regulations.
The investigators found that when the Federal Acquisition Service negotiated pre-existing contracts under the new Professional Services Schedule, they applied inconsistent negotiation and evaluation methods.
"In particular, FAS consolidated certain pre-existing contracts into the PSS that resulted in the award of new contracts without establishing price reasonableness, as required by the Federal Acquisition Regulation," the report said.
The OIG also found that contracting officers were using a price negotiation template that didn’t conform to FAS policy or include all the information required by FAR regulations.
The OIG offered three recommendations, including using a formal price analysis for migrated contracts, discontinue the use of unauthorized negotiation memorandum and developing guidance for documenting price analyses.
Read
.
