Office of the Inspector General (OIG)

OIG semi-Annual Report to Congress:
April 1, 2005 - September 30, 2005


Table of Contents


Foreword

The work highlighted in this, the 34th Semiannual Report to Congress speaks to the dedication and professionalism of the staff that I have the honor to represent. The outcome of their work products has, and continues to support NARA in meeting its strategic mission of providing ready access to essential evidence of our democracy. It would be remiss of me not to specifically note the support that the Archivist of the United States, Allen Weinstein, has extended to this office. In a tangible sense he has taken measures to provide sorely needed additional resources to this office, to help us meet our mission requirements. However, perhaps more importantly, he has demonstrably helped to foster a collegial and productive environment in which the work products of the Office of Inspector General (OIG) are respected and used as an agent or catalyst for positive change.

Each reporting period I take the opportunity to note how we look forward to providing our stakeholders' optimal service in future reporting periods. As such, we will continue to focus our work on security, accountability, and functionality over NARA's holdings and operations.

Again, I wish to thank my staff for their effort, and for the positive results of their work.

 

Paul Brachfeld
Inspector General

Top of Page


Executive Summary

his is the 34th Semiannual Report to the Congress summarizing the activities and accomplishments of the National Archives and Records Administration (NARA) Office of Inspector General (OIG). A summary of NARA's top challenges is provided under the section titled "Top Ten Management Challenges." The highlights of our major functions are summarized below.

Audits

In this reporting period, the Audit Division continued to examine the integrity of NARA's financial information and security of Information Technology (IT) systems and programs. This work had positive impact upon agency operations and related controls in these critical areas. We also extensively audited and evaluated NARA programs, functions, and contract issues. Recommendations directed to NARA officials will, upon adoption, translate into reduced risk for the agency and increased levels of security and control over NARA's financial assets, programs, and operations.

We issued the following audit reports during the reporting period:

  • Evaluation of NARA's Preservation Program. The Preservation Program encompasses NAR's strategic goal of ensuring that "all records are preserved in an appropriate environment for use as long as needed." NARA currently holds more than 3.6 million cubic feet of textual and non-textual records and artifacts. Thus, the challenge in meeting this goal is daunting and highly complex as the volume of records, even excluding electronic records, is huge; time and the environment are archivists' enemies; the media are diverse; there are multiple repositories across the country; and the resources needed to address this task are limited and finite. Our audit identified that, while there was a commitment and good intent on the part of NARA'staff to meet the aforementioned challenge, significant resource and reporting deficiencies currently impede NARA's best efforts. These deficiencies represent a material weakness1 that affects NARA's ability to carry out its mission of providing ready access to essential evidence. Specifically, our review noted that many items needing preservation had not been identified; budget and staffing was inadequate to address preservation needs in a timely manner; criteria for assessing preservation needs was not consistently applied; archival storage facilities were not in compliance with storage standards; and preservation performance measurement data is incorrect. (Audit Report #05-13, dated June 22, 2005.)

  • Review of Proposed Modification of the Information Technology Support Services (ITSS) Task Order Security Program Requirements. Our review, which assessed the appropriateness of a proposed modification, revealed that the modification duplicated the network security program effort required by the original task order. Therefore, we questioned the modification and all associated costs. Management, upon reviewing the contractor's Request for Quotation (RFQ) cancelled all, or most, of the inappropriate modification. Prior to the suspension of the aforementioned modification action, NARA officials had already issued a modification to the task order that inappropriately provided the contractor with $110,049 for 1,408 labor hours to provide network security from June 1, 2004, through September 30, 2004. If the proposed network security program modification to the ITSS task order for option year one (October 1, 2004, through September 30, 2005) had been issued, the agency would have incurred additional task order expenses, depending on the outcome of negotiations with the contractor, somewhere between $414,307 and $668,765,2 for network security requirements that are already required by the original task order Performance Work Statement (PWS). We applaud the position taken by NARA management on this issue and believe that it is appropriate. (Audit Memorandum #05-19, dated July 6, 2005.)

  • Review of the ITSS Contractor's Quality Assurance and Quality Control Program. We found that the contractor was not meeting contractual requirements to implement a quality control program. Responsible NARA officials were either unaware of the contractor's failure to institute a quality control program in accordance with contract requirements or did not act to address this failure. Specifically, the contractor was not performing major tasks such as (a) maintaining quality assurance and quality control metrics; (b) preparing various quality assurance reports and corrective action requests; (c) conducting process evaluations; and (d) conducting audits in accordance with their quality program. We also found that the contractor did not budget an adequate number of hours in their proposal to perform a quality program, and the Contracting Officer's Representative (COR) did not properly discharge duties of inspecting and accepting services performed. As a result, the contractor is providing service below the level provided for in the contract, NARA is paying for services the contractor has not performed, and NARA may be rewarding the contractor, via the award fee component of the contract, for performance that does not actually exceed contract thresholds. (Audit Report #05-14, dated August 12, 2005.)

  • Review of Contractor Resources Utilized on the ITSS Contract. Our audit found that the process for performing background investigations is not adequate to ensure that contractor personnel have the appropriate level of background investigation commensurate to the inherent risk assigned to the position and responsibilities they fulfill. NARA officials failed comply with internal procedures and guidance adopted to mitigate this condition. Specifically, our audit noted that position risk designation analysis for the ITSS contractors categorizing positions as high risk, moderate risk or low risk, based on the duties and responsibilities of the position as required by Interim Guidance 273-1, "Suitability Determinations for Incumbents in IT Positions," and NARA's IT Security Handbook, was not performed. Thus, approximately 96 ITSS contract employees were, by default, considered to be holding positions of low risk and given the lowest level of background review that is a National Agency Check and Inquiry (NACI). Also, our audit noted that five ITSS contractor employees had no background investigations (even the baseline NACI) performed as required by the contract, and NARA paid inappropriately $4,192 for background investigations initiated under the ITSS contract. This is not in compliance with the NARA IT Security Handbook on Operations Controls, which states that contractors will be held responsible for the costs of background investigations. (Audit Report #05-21, dated September 30, 2005.)

  • Audit of the National Historical Publication and Records Commission (NHPRC) Grants. The objectives of this assignment were to determine if the grantees were complying with the guidance found in Office of Management and Budget (OMB) and NHPRC regulations, and to determine if grant funds were used appropriately by grantees. Two grants were selected for review: a $240,741 grant and a $43,308 grant. We did not have any findings from our review of the $240,741 grant. However, for the $43,308 grant we found that the grantee did not apply the agreed-to percentage to its matching funds, resulting in $22,610 of questioned costs. The grantee agreed with our findings and issued the NHPRC a refund check in the amount of $12,378. (Audit Memorandum #05-20, dated July 29, 2005.)

  • Audit of the NARA Travel Card Program. Our review disclosed that most cardholders used their travel cards properly and promptly paid amounts owed to Citibank. However, we found several instances of misuse, and identified internal control weaknesses in the oversight of the travel program. We noted that some employees received unauthorized cash advances, some travel was authorized after the official travel date, and some non-travel expenses were charged to travel charge cards. We also noted that the Financial Services Division (NAB) is not notifying employees or the OIG of questionable charges in a timely manner. Additionally, there were also several instances of improper reimbursement of travel charges. (Audit Report #05-15, dated July 22, 2005.)

  • Audit of NARA's Compliance with the Prompt Payment Act. Our audit disclosed that NARA's financial services division (NAB) is not monitoring the causes of interest penalties. We also noted that NAB is not ensuring that the proper amount of interest is being remitted to vendors. NAB is relying on General Services Administration (GSA), NARA's accounting service provider, to ensure that payments are made in a timely manner. If the payments are not made on time, NARA relies on GSA to calculate and remit the proper interest penalty payment to the vendor. (Audit Report #05-16, dated July 22, 2005.)

We issued the following management letters during the reporting period:

  • NARA's Investment Management Decide Process. The OIG, through this management letter, brought to the Archivist's direct attention the third major instance within two years in which management has failed to comply with requirements of the Clinger-Cohen Act and NARA 801, Review of Information Technology Investments. NARA 801 was implemented as a means of ensuring that information technology (IT) investments are subject to appropriate scrutiny prior to the "go" decision in compliance with the Clinger-Cohen Act of 1996. In the two prior instances, NARA bypassed NARA 801 requirements and made the "go" decision to spend approximately $3.5 million on fiber-optic cabling for NARA's computer network, and then spent another $3.5 million to upgrade the network's operating system and electronic messaging software. In this case, NARA'signed an agreement to convert to a new, automated accounting system again without having first met the requirements of NARA 801. This action constitutes a violation of the law and NARA internal guidance. As a result, we as an agency continue to commit to significant IT investments prior to compiling demonstrated evidence that these investments are in the best interests of the agency, our customers, and the American taxpayer. (Management Letter #05-12, dated April 13, 2005.)

  • Server Vulnerability Risks. The OIG informed the Archivist through this management letter that information residing on NARA employees' private computer drives on a NARA'server was visible to a number of users with inappropriate access rights. This problem existed because certain user accounts were given inappropriate access rights. Despite management's knowledge of the problem, no clear remediation plan had been developed to ensure that user rights were corrected on the server in question. (Management Letter #05-17, dated June 16, 2005.)

  • NARA's Ability to Inspect Employee's Personal Property. Based on an allegation of employee theft at a Presidential library, the OIG learned that, absent a search warrant, NARA has no clear, entity-wide regulatory policy that allows for inspection of packages, briefcases, handbags, and other containers in the immediate possession of employees at a NARA facility. Our assessment of pertinent guidance revealed that unless NARA facilities are under GSA control, the authority to search employees' packages provided for in GSA regulations does not apply. Therefore, this situation creates a potential security risk at NARA-owned facilities and the Presidential libraries and the potential for violation of Fourth Amendment rights by NARA. As a result of these risks, we notified the Archivist of these conditions. (Management Letter #05-22, dated July 25, 2005.)

Investigations

On July 6, 2005, the Investigations staff received blanket special deputation appointments (two years) from the United States Marshals Service. The Inspector General Act of 1978, as amended, allows the OIG to conduct criminal investigations. However, the act, as amended, does not provide statutory authority to make arrests and serve search warrants. Previously, the OIG obtained special deputation appointments from the United States Marshals Service on a case-by-case basis. This deputation will give the Investigations staff full law-enforcement authority, including the ability to serve and execute arrest and search warrants. The NARA OIG is the first Executive Council on Integrity and Efficiency (ECIE) OIG to receive blanket deputation.

During this reporting period, the Investigations Division opened 15 investigations and closed 21 investigations. Investigations received 131 complaints and closed 156 complaints. We opened 15 investigations resulting from complaints, referred 71 complaints to other offices or agencies, and closed 70 complaints to file. There are 11 complaints and 12 investigations that remain open.

The Investigation Division completed investigations in the following areas:

  • Recovery of Stolen Pardons
  • Recovery of Alienated Historical Documents
  • Compromise of Case Management and Report System (CMRS) and the Presidential Electronic Records Library (PERL) Servers
  • Operating a Private Business While at Work
  • Missing File at the Ronald Reagan Presidential Library and Museum

Top of Page


Management Assistance

For our management assistance activities this reporting period, we

  • provided ongoing analysis and assistance to the NARA Office of General Counsel (NGC) on a billing matter with the Washington Suburban Sanitary Commission (WSSC) that resulted in a $63,638 savings to the Government.

  • worked with NARA management on a wide variety of issues to include meeting with the facilitators of NARA's Continuity of Operations Plan (COOP); working with the NGC on NARA's ability to inspect employees' personal property; assisting NGC in a civil matter in Federal District Court that was related to an ongoing OIG investigation; working with NARA's Designated Agency Ethics Official (DAEO) on ethics matters; working with Human Resources on an administrative action; and working with archival staff on the publication of an educational brochure intended to assist NARA and the OIG in recovering lost or stolen Federal records; and working with NARA's Congressional and Public Affairs staff on the OIG portion of the NARA web site, as well as a variety of OIG press-related matters.

  • commented on the draft policy titled "NARA 1441, Appendix 2: Research and Development (R&D) Records." We expressed our concern with how NARA can guarantee that "archival judgment," particularly where records of "general and substantial public interest because of direct association with famous or historically significant people, places, things, issues, or events," remain objective in an area that begs for subjectivity. We suggested that a process should exist to ensure that the determination of the intrinsic value of a record is the result of a pragmatic, orderly, and objective methodology that minimizes the subjectivity any given archivist brings to the table on any given day.

  • commented on the draft directive titled "NARA 1701, Loans of Holdings in NARA's Physical and Legal Custody." We suggested the need for a centralized database that would provide the current status of all loans at all times and enable appropriate oversight and security of NARA's borrowed holdings. We questioned the time allowed in the draft to report an overdue loan, as well as when the OIG should be notified that a loan of a NARA holding is past due.

  • commented on the draft revision titled "NARA 804, Information Technology (IT) Systems." We suggested that since NARA's Security Architecture (SA) and Enterprise Architecture (EA) are so heavily intertwined, that updates to the EA be announced by notices distributed agency-wide. Because this directive "further establishes the authority of the NARA IT security architecture (SA) to guide, direct, and mandate IT security activities," we believe it would be prudent to inform the NARA population of any changes to the authority of the SA.

  • commented on the new draft directive titled "NARA 1572, Security for NARA Holdings." We emphasized that in accordance with NARA Directive 1202, when a theft is suspected, NARA'staff are required to report the suspected theft to the OIG immediately. Furthermore, regarding holdings at affiliated archives, we suggested that the directive state with specificity the standards of holdings security to which an affiliated archive must comply.

  • commented on the revised directive titled "NARA 1462, Replevin of Archival Materials." We believe this directive has significant problems in terms of the relationship of the replevin process of NARA's Office of General Counsel to the criminal investigative process. With that issue in mind, we suggested postponement of issuance of the directive until completion of further discussion regarding its content.

Top of Page


Introduction

About the National Archives and Records Administration

Mission

The National Archives and Records Administration ensures, for the Citizen and the Public Servant, for the President and the Congress and the Courts, ready access to essential evidence.

Background

NARA, by preserving the nation's documentary history, serves as a public trust on which our democracy depends. It enables citizens to inspect for themselves the record of what the Government has done. It enables officials and agencies to review their actions and helps citizens hold them accountable. It ensures continuing access to essential evidence that documents the rights of American citizens, the actions of Federal officials, and the national experience.

Federal records reflect and document America's development over more than 200 years and are great in number, diverse in character, and rich in information. NARA's archival holdings amount to 3.1 million cubic feet of records. These holdings include architectural/engineering drawings, maps, and charts; moving images and sound recordings; photographic images; 543,564 artifact items; and 8.1 billion logical data records.

NARA involves millions of people in its public programs, which include exhibitions, tours, educational programs, film series, and genealogical workshops. In FY 2005, NARA hosted 2.7 million museum visitors and 193,247 public program attendees, while responding to 1.1 million written requests from the public. In addition, NARA responded to 9.9 million Federal agency reference requests, more than 24,600 Federal agency requests for appointments to review records, and provided records management training to 3,366 individuals. NARA publishes the Federal Register and other legal and reference documents that form a vital link between the Federal Government and those affected by its regulations and actions. Through the National Historical Publications and Records Commission, NARA helps to preserve and publish non-Federal historical documents that also constitute an important part of our national heritage. NARA also administers the Nixon Presidential Materials Project, and 11 Presidential libraries that preserve the papers and other historical materials of all past Presidents since Herbert Hoover.

Resources

In FY 2005, NARA was appropriated an annual budget of approximately $321 million and 2,870 Full-time Equivalents (FTEs), which included appropriations of $266 million for operations, $35 million for the Electronic Records Archive (ERA) program, $13 million for repairs and restorations of facilities, and $5 million for grants. NARA operations are spread throughout 34 facilities nationwide.

About the Office of Inspector General (OIG)

The OIG Mission

The OIG's mission is to ensure that NARA provides the American people with ready access to essential evidence by providing high-quality, objective audits and investigations, and serving as an independent, internal advocate for economy, efficiency, and effectiveness.

Background

The Inspector General Act of 1978, as amended, established the OIG's independent role and general responsibilities. The Inspector General reports to both the Archivist of the United States and the Congress. The OIG evaluates NARA's performance, makes recommendations for improvements, and follows up to ensure economical, efficient, and effective operations and compliance with laws, policies, and regulations. In particular, the OIG

  • assesses the effectiveness, efficiency, and economy of NARA programs and operations
  • recommends improvements in policies and procedures to enhance operations and correct deficiencies
  • recommends cost savings through greater efficiency and economy of operations, alternative use of resources, and collection actions
  • investigates and recommends legal and management actions to correct fraud, waste, abuse, or mismanagement

Resources

The FY 2005 OIG budget is approximately $1.8 million for operations. The OIG now has 15 FTEs. At full staffing, in addition to the Inspector General and support staff, 9 FTEs are devoted to audits, 3 to investigations, and 1 as counsel to the Inspector General. During the period, a Special Agent position was vacated and an IT audit position was filled. Currently, the OIG is in the process of hiring a Special Agent to fill the vacant position. The OIG is seeking additional audit and investigative resources to support the work of this office as defined in the current and FY 2007 budget submissions to the Archivist.

Top of Page


Office of Inspector General Activities

Involvement in the Inspector General Community

President's Counsel on Integrity and Efficiency (PCIE) and Executive Counsel on Integrity and Efficiency (ECIE) Legislation Committee.The IG served as one of two ECIE representatives to the Legislation Committee. The Legislation Committee assists the IG community in effectively carry out its duties as specified in Executive Order 12085. In particular, these responsibilities are to identify, review, and discuss areas of weakness and vulnerability in Federal programs; conduct operations to uncover fraud, waste, and abuse; and develop plans for coordinated, Government-wide activities that address these problems and promote economy and efficiency in Federal programs and operations.

Council of Counsels to Inspectors General (CCIG).The OIG legal counsel participated in meetings of the CCIG and communicated regularly with fellow members. Multiple topics were raised, discussed, and addressed including: providing Reports of Investigation to members of Congress; law-enforcement authority of OIG Special Agents; appropriateness of Garrity and Kalkines warnings in coordination with Department of Justice guidelines; pending legislation amending the IG Act; when an audit becomes an investigation and the transfer process; trading/acquiring firearms for OIG Special Agents; effectiveness of agency computer network banners; inconsistencies between the IG Act and the Presidential Records Act; various Freedom of Information Act (FOIA) and Privacy Act issues; and ethics and other training opportunities.

Federal Audit Executive Council (FAEC).The Assistant Inspector General for Audits (AIGA) continued to serve as an ECIE representative to the FAEC. During the period, the AIGA attended FAEC's meeting to discuss topics such as financial statement audit issues, revisions to the PCIE External Peer Review Guide, opinion reports on internal controls, and information security.

Response to Congressional Items

Federal Information Security Management Act (FISMA) of 2005.Together with the NARA Chief Information Officer (CIO), the OIG provided the Office of Management and Budget (OMB) the 2005 Annual Security Review report pursuant to the Federal Information Security Management Act (FISMA). FISMA requires Federal agencies to take a risk-based, cost-effective approach to secure their information and systems, identify and resolve current IT security weaknesses and risks, and protect against future vulnerabilities and threats. The act lays out a framework for annual IT security reviews, reporting, and remediation planning. Under this framework, the Federal Government is able to quantitatively determine both IT security progress and problems. This information is essential to ensuring that remediation efforts and IT resources are prioritized, resulting in the timely resolution of IT security weaknesses.

We believe, as reflected in our report, that NARA continues to make significant progress toward the development and implementation of a program that will ensure the security of NARA information systems and comply with Federal regulations. However, despite these efforts, the agency's security program still contains weaknesses that must be addressed in order for NARA to have a comprehensive and integrated security program.

Inventory of Commercial Activities

We submitted to OMB our FY 2005 inventory of commercial activities performed by OIG employees. The Federal Activities Inventory Reform Act of 1998, Pub. L. 105-270 (the FAIR Act), requires Federal agencies to prepare and submit to OMB, by June 30 of each year, inventories of their commercial activities performed by Federal employees. OMB is required to review each agency's inventory and consult with the agency regarding its content. Upon completion of the review and consultation, OMB is required to list the available inventories in the Federal Register, and the agency head must transmit a copy of the inventory to the Congress and make it available to the public.

Other Activities

Federal Audit Executive Council Annual Conference. The AIGA attended the FAEC annual conference held in Williamsburg, Virginia, on April 26 -April 27, 2005, to discuss current challenges and issues within the OIG audit community such as training, implementation of new OMB A-123, Management Accountability and Control, guidance, financial statements, peer review guidance, and FISMA.

OIG Investigations Tracking System. During the period, the OIG planned, received funding, and contracted for an OIG Investigations database tracking system. This system was needed to replace the current antiquated system and to provide the OIG with better management and tracking of investigations.

OIG Policies and Guidelines. During the period, the OIG drafted and implemented an OIG Professional Certification Policy. The policy provides for reimbursement of fees (within policy guidelines) associated with acquiring professional credentials. The purpose of the new policy was to promote continuous learning and competency development in OIG staff by encouraging staff to obtain professional certifications related to organizational goals and objectives.

Top of Page


Audits

Overview

This period, we issued

  • 5 final audit reports
  • 2 audit memorandum
  • 3 management letters

We completed fieldwork on the following assignment:

  • an audit of NARA's perimeter security to determine if the controls surrounding the boundary of the NARA computer network provide reasonable protection from external intruders
  • an audit of the appropriateness of modifications made to a contract task order awarded by NARA officials to acquire ITSS
  • an audit of the NARA loan program to assess the compliance with policies and procedures and ensure that items are adequately safeguarded when loaned
  • an audit of high-valued items to determine whether management controls are adequate to properly safeguard specially protected records and artifacts stored in secured stacks, vaults, and safes

We also continued work on the following assignments:

  • an audit of NARA Enterprise Architecture to determine if NARA has established and is managing its enterprise architecture in accordance with Federal best practices
  • an audit of NARA's System Administrator rights and controls to determine if NARA has instituted appropriate levels of controls for ensuring that NARA'systems and information are properly secured
  • an evaluation of the accuracy of Performance Measurement and Reporting System (PMRS) data to verify the validity of the data entered into the PMRS and reported to OMB

Audit Summaries

Evaluation of NARA's Preservation Program

In FY 2004 National Archives and Records Administration (NARA) Performance and Accountability Report, the former Archivist defined five strategic goals for this agency. One strategic goal was to ensure that "all records are preserved in an appropriate environment for use as long as needed." NARA currently holds more than 3.6 million cubic feet of textual and non-textual records and artifacts. Thus the challenge in meeting this goal is daunting and highly complex as the volume of records, even excluding electronic records, is huge; time and the environment are the archivists' enemies; the media are diverse; there are multiple repositories across the country; and the resources to address this task are limited and finite. Therefore, it is paramount for NARA to optimize its resources to realize the goal of preserving its holdings for as long as needed.

Our audit identified that while there is a commitment and good intent on the part of NARA'staff to meet the aforementioned challenge, there is also a need to address significant resource and reporting deficiencies that currently impede their best efforts. It is our opinion that these deficiencies represent a material weakness that affects NARA's ability to carry out its mission of providing ready access to essential evidence. Specifically, we identified that items needing preservation have not been identified; budget and staffing are inadequate to address preservation needs in a timely manner; criteria for assessing preservation needs are not consistently applied; archival storage facilities are not in compliance with storage standards; and preservation performance measurement data is incorrect.

We recommended that management refine the methodology and employ resources to survey, identify, document, and rank NARA records needing preservation; require archivists and curators to identify and report known at-risk records needing preservation on their respective lists; determine and utilize a consistent usage criterion for all NARA records; identify baseline preservation requirements in terms of budgetary resources for consideration and action on the part of the Archivist; ensure that preservation actions focus on high-risk records prior to working on low-risk records; conduct a needs analysis of each facility not meeting the archival standards, including anticipated costs to make the facilities compliant with the standards; quantify all funding requirements and ensure that all NARA archival facilities will be compliant by 2009; review the data that was utilized to generate the performance measurement data since its development in 1999; and make the necessary corrections and consider adding another performance measurement metric to capture performance on medium- and low-risk projects. Management concurred with our recommendations and initiated corrective action. (Audit Report #05-13, dated June 22, 2005)

Review of Proposed Modification of the Information Technology Support Services Task Order Security Program Requirements

This audit was performed as a direct result of a previous audit report, "Audit of the NARA'systems Security Program", report number 01-05, issued in 2001, by the OIG, which reported that NARA had not installed an intrusion detection system (IDS) to protect highly sensitive and visible holdings. In response to the OIG's concerns, the Archivist directed the Chief Information Officer (CIO) to address this vulnerability. During fiscal year 2002, NARA implemented an IDS that monitors both internal and external attempts to access NARA's network (NARANet). The overall objective of this audit was to evaluate the current IDS and determine whether adequate controls were in place to safeguard NARA's information system network and assets.

Our review disclosed that the proposed modification was inappropriate because the statement of work for the ITSS task order contained a requirement for the contractor to establish a network security program, including the implementation and maintenance of security hardware and software installed on the agency's computer network. During our review, management cancelled the inappropriate modification. If the modification had been issued, depending on the outcome of negotiations with the contractor, the agency would have incurred significant, additional task order costs of between $3.23 and $5.22 million to have the contractor continue to meet this requirement.

Because management cancelled the modification, we made no recommendations for corrective action. (Audit Memorandum #05-19, dated July 6, 2005)

Review of the Information Technology Support Services Contractor's Quality Assurance (QA) and Quality Control (QC) Program

We performed an audit of the ITSS contractor's QA and QC program to determine if (a) the contractor was providing adequate quality assurance and quality control in accordance with contract requirements, and (b) NARA officials were performing adequate oversight and monitoring of the contractor's quality assurance and quality control program. Under the ITSS contract, the contractor provides information technology support in a number of areas including program management, help desk, network infrastructure, and system development, among others. Under the terms of the contract, the contractor is also required to develop and implement a Quality Program to ensure quality control for all task order deliverables.

Our review found that the contractor was not meeting contractual requirements to implement a quality control program. Responsible NARA officials were either unaware of the contractors failure to institute a quality control program in accordance with contract requirements or did not act to address this failure. Specifically, the contractor was not performing major tasks such as (a) maintaining quality assurance and quality control metrics; (b) preparing various quality assurance reports and corrective action requests; (c) conducting process evaluations; and (d) conducting audits in accordance with their quality program. We also found that the contractor did not budget an adequate number of hours in their proposal to perform a quality program, and the Contracting Officer's Representative (COR) did not properly discharge her duties for inspecting and accepting services performed. As a result, the contractor is providing service below the level provided for in the contract, NARA is paying for services the contractor has not performed, and NARA may be rewarding the contractor, via the award fee component of the contract, for performance that does not actually exceed contract requirements.

We recommended that management: (1) require the contractor to establish and operate a quality program in accordance with the terms of the ITSS contract task order, or seek a decrease in the task order price if the contractor proposes, and NARA accepts, a diminished level of effort related to quality assurance and quality control activities; (2) direct the COR for the ITSS contract task order to review and agree to any proposed changes in the contractor's QA and QC plans ensuring that any diminished level-of-effort will continue to provide NARA with adequate quality assurance; and ensure that the task order COR develops and adheres to an adequate quality-monitoring plan that provides NARA assurance the contractor is complying with task order requirements and its Quality Program as defined by its QA and QC Plans. Management concurred with our findings and has instituted action to implement our recommendations. (Audit Report #05-14, dated August 12, 2005)

Review of Contractor Resources Utilized on the Information Technology Support Services Contract

This audit examined contractor resources utilized in the contract task order awarded by NARA to acquire Information Technology Support Services (ITSS). The objective of this review was to evaluate whether personnel employed by the ITSS contractor have the appropriate qualifications, resources, and background investigations for the positions they are assigned.

We found that the process for performing background investigations is not adequate to ensure that contractor personnel have the appropriate level of background investigation commensurate with the inherent risk assigned to the position and responsibilities they fulfill. NARA officials failed to comply with internal procedures and guidance adopted to mitigate this condition. Specifically, our audit noted that position risk designation analyses for ITSS contractors, categorizing positions as high risk, moderate risk or low risk based on the duties and responsibilities of the position as required by NARA Interim Guidance 273-1, "Suitability Determinations for Incumbents in IT Positions," and NARA's IT Security Handbook, were not performed. Thus, approximately 96 contract employees were, by default, considered to be holding positions of low risk and given the lowest level of background review, a National Agency Check and Inquiry (NACI). Also, five contractor employees had no background investigations (even the baseline NACI) performed as required by the contract, and NARA inappropriately paid $4,192 for background investigations initiated under the ITSS contract. This is not in compliance with the NARA IT Security Handbook on Operations Controls, which states that contractors will be held responsible for the cost of background investigations.

The OIG recommended that all IT positions be individually re-evaluated in terms of their risk and sensitivity levels, that appropriate background screenings and investigations be conducted based upon the newly assessed designations, and that NARA determine if any positions warrant periodic re-investigation. Additionally, we recommended that responsible IT managers and supervisors receive position risk designation training covering the Office of Personnel Management (OPM) requirements and that IT contracts include necessary language to ensure that the appropriate paperwork be submitted for IT position in order to receive the appropriate level of background screening and investigation based upon position risk and sensitivity designations. (Audit Report #05-21, dated September 30, 2005)

Review of the National Historical Publication and Records Commission (NHPRC)

The objectives of our review were to determine if recipients of grant funds were complying with the regulations found in OMB and NHPRC guidance, and to determine if grant funds were appropriately expended. We selected two grants for review: a $240,741 grant and a $43,308 grant. To accomplish our objectives, we reviewed pertinent NARA and OMB guidance pertaining to applications for and awards of grants.

Our audit disclosed no findings from our review of the $240,741 grant. However, for the other grant reviewed, we found that the grantee did not apply the agreed-to percentage to their matching funds, resulting in $22,610 of questioned costs. The grantee agreed with our findings and issued the NHPRC a refund check in the amount of $12,378.6 Because there were no recommendations from this audit, we issued management an audit memorandum disclosing our efforts. (Audit Memorandum #05-20, dated July 29, 2005)

Audit of NARA's Travel Card Program

We performed an audit of travel-related expenses for FY 2004 to determine if the travel program is operating in accordance with applicable laws, regulations, and agency polices and procedures. Specifically, we tested travel transactions to determine if new cardholders received/reviewed required documentation; procedures were in place to determine if departed employees turned in their travel cards prior to leaving NARA; employees were making inappropriate or non-travel charges; and the travel charges were related to official travel as demonstrated by the approved travel authorizations, travel vouchers, and travel receipts.

As a result of the audit, we concluded that most cardholders used their travel cards properly and promptly paid amounts owed to Citibank. However, we found several instances of misuse and identified internal control weaknesses in the oversight of the travel program. We noted that some employees received unauthorized cash advances, some travel was authorized after the official travel date, and some non-travel expenses were charged to travel charge cards. We also noted that the Financial Services Division (NAB) is not notifying employees or the OIG of questionable charges in a timely manner. There were also several instances of improper reimbursement of travel charges.

We recommended that management conduct monthly reviews of the monthly detailed reports, cash advance reports provided by Citibank, cardholders travel vouchers, and authorizations, to monitor cardholder use and to ensure that the travel card is used only for official government business travel. In addition, we recommend that NAB ensures that all travel and miscellaneous reimbursements are properly classified and accounted for, that all travel vouchers are accompanied by clear and proper supporting documentation, and that all travel is authorized prior to the travel start date. (Audit Report #05-15, dated July 22, 2005)

Audit of NARA's Compliance with the Prompt Payment Act

We performed a review of FY 2004 interest penalty payments, totaling $14,676. We judgmentally selected 30 interest penalty transactions totaling $9,409, or 64 percent of the population, and reviewed documentation to determine the reason why payments were late. We also recalculated the interest penalty amount to determine if the amount was calculated in accordance with the Prompt Payment rule. We did not calculate the same interest penalty amount as GSA calculated for 21 of the 30 transactions. At our request, GSA reviewed 8 of the transactions and agreed that NARA underpaid the interest penalty on 3 of the transactions. Whenever an invoice is paid late, GSA will enter an interest reason code into PEGASYS,7 which indicates the reason for late payment. For 24 of the 30 transactions tested, the interest reason code was the number 2, which was "finance center delay" or "error by the paying office." Thus, NARA incurred interest penalties due to GSA delays.

We noted that NARA's NAB is not monitoring the causes of the interest penalties. We also noted that NAB is not ensuring that the proper amount of interest is being remitted to vendors. NAB is relying on GSA, NARA's accounting service provider, to ensure that payments are made in a timely manner. If the payments are not made on time, then NARA is relying on GSA to calculate and remit the proper interest penalty payment to the vendor.

We recommended that NAB establish policies and procedures for monitoring disbursements being paid within the guidelines of the Prompt Payment rule. These polices should include monthly reviews of the interest payment schedule to determine the reason for late payment and to recalculate the interest penalty, to ensure that the proper amount is being paid to the vendors. (Audit Report #05-16, dated July 22, 2005)

Management Letters

NARA's Investment Management Decide Process

The OIG through this management letter brought to the Archivist's direct attention the third major instance within two years, which management has failed to comply with requirements of the Clinger-Cohen Act8 and NARA 801, Review of Information Technology Investments. NARA 801 was implemented as a means of ensuring that information technology (IT) investments are subject to appropriate scrutiny prior to the "go" decision in compliance with the Clinger-Cohen Act of 1996. In the two prior instances, NARA bypassed NARA 801 requirements and made the "go" decision to spend approximately $3.5 million on fiber-optic cabling for NARA's computer network, and then spent another $3.5 million to upgrade the network's operating system and electronic messaging software. In this case, NARA'signed an agreement to convert to a new, automated accounting system again without having first met the requirements of NARA 801. This action, once again, constitutes a violation of the law and NARA internal guidance. As a result, we as an agency continue to commit to significant IT investments prior to compiling demonstrated evidence that these investments are in the best interests of the agency and, thus, our customers and the American taxpayer.

The OIG discovered that management circumvented the NARA 801 process when making the decision to change its accounting cross service provider, including the automated system for providing accounting services. NARA currently procures accounting services from the GSA.9 Because of numerous problems with the service provided by GSA, in September 2004, management signed an agreement with the Bureau of Public Debt (BPD), Administrative Resources Center (ARC), to provide full accounting services starting in FY 2006.

When asked for the 801 documentation supporting this decision, management responded that "NH did not fully understand the timeframes in which a decision for a new provider needed to be made and NA did not fully understand the processes that needed to be followed when switching from one IT service provider to another to be in compliance with 801. When NH understood that NA had made a decision to switch to BPD, NH immediately began working with NA to develop documentation." In addition to our continuing concern that management is not complying with agency guidance for IT investments, we also consider it to be a waste of agency resources to prepare the extensive amount of documentation (e.g., Summary and Full IT Project Proposals, Analysis of Alternatives, Cost/Benefit Analysis, Risk Assessment, etc.) required to support a decision that management has already made. (Management Letter #05-12, dated April 13, 2005)

Server Vulnerability Risks

The OIG informed the Archivist through this management letter that information residing on NARA employees' private drives on a NARA'server were visible to a number of users with inappropriate access rights. This problem existed because certain user accounts were given inappropriate access rights.

The OIG received a complaint concerning inappropriate user access to "H" drives on the Washington server from a NARA'staffer. The NARA'staffer was concerned because a subordinate had informed him that she had access to all the private "H" drives on the Washington server. Additionally, the subordinate informed the NARA'staffer and the OIG that she had notified the Help Desk and a ticket was created. However, a week later the issue remained unresolved.

We learned that despite management's knowledge of the problem, no clear remediation plan had been developed to ensure that user10 rights were corrected on the Washington, DC,11 server. In fact, the contractors could not tell us the number of users with such inappropriate rights. One contractor postulated that the problem was due to the method by which user accounts were created in the past, after having noted that many of the user accounts with inappropriate rights were created several years ago. Therefore, it is our belief that users had inappropriate access to other parties "H" drives for an extended period of time. Currently, user accounts are created using a template that ensures rights are appropriately controlled. (Management Letter #05-17, dated June 16, 2005)

NARA's Ability to Inspect Employee's Personal Property

Based on an allegation of employee theft at a Presidential library, the OIG learned that absent a search warrant, NARA has no clear, entity-wide regulatory policy that allows for inspection of packages, briefcases, handbags, and other containers in the immediate possession of employees at a NARA facility. Our assessment of pertinent guidance revealed that unless NARA facilities are under GSA control, the authority to search employees' packages provided in the GSA regulations does not apply. Therefore this situation creates a potential security risk at NARA-owned facilities and the Presidential libraries and the potential for violation of Fourth Amendment rights by NARA. As a result of these risks, we notified the Archivist of these conditions through a management letter.

The inspection of personal property of visitors is authorized at the National Archives Building, the National Archives at College Park, and the Presidential libraries pursuant to Title 36 CFR Part 1280 (Public Use of NARA Facilities). Additionally, inspections of visitors' personal property at NARA facilities controlled by the GSA are authorized by reference in NARA's regulations to 41 CFR Part 102-74, Subpart C, of GSA's Facility Management Regulations.

Traditionally, NARA has also utilized GSA's Facility Management regulations as authority to search the property of its employees. We believe, however, that such reliance is partially misplaced. The GSA regulations state that "Federal agencies may . . . inspect packages, briefcases and other containers in the immediate possession of visitors, employees or other persons . . . ." 41 CFR § 102-74.370. This language at first glance appears to provide the appropriate authority to inspect employees' personal property. However, the applicability of the GSA regulation is limited to "property under the authority of the General Services Administration . . . ." 41 CFR § 102-74.365."

One possible remedy to this issue is to amend NARA's governing regulations (Title 36 of the CFR) to include language similar to that found in the GSA regulations that provide authority for NARA to search the personal property of any person at, entering, or leaving any NARA facility, including the Presidential libraries. Such language, in concert with appropriate signage, NARA Notices, and new-hire briefings would provide the greatest level of support to OIG's law-enforcement function, increase the security of NARA's holdings, and reduce the potential for a constitutional violation. (Management Letter #05-22, dated July 25, 2005)

Top of Page


Investigations

Investigative Case Summaries

Stolen Presidential Pardons

The Investigations Division was contacted by a concerned citizen in the document community about two Presidential Pardons, an Extradition Request, and a Warrant to affix a seal. The pardons were verified as being part of a previous theft from a NARA facility by a former NARA employee. The former employee was convicted of theft of Government records and sentenced to Federal prison. The Investigations Division recovered the two Presidential Pardons and returned them to NARA.

Alienated Historical Document

The Investigations Division was informed that a letter from Lt. Henry Heth, USA 6th Infantry, dated December 20, 1851, was being offered for sale on an online auction site. The owner relinquished this document but could not provide the provenance. If any leads are developed, this matter will be investigated further.

Compromise of CMRS and PERL Servers

The NARA Intrusion Detection System reported an attempt by a remote computer to exploit a known Windows vulnerability to upload an exploit to the Case Management Reporting System (CMRS-02) server. Subsequent to this attempt, the entire CMRS network was affected by the exploitation. The investigation showed that both the CMRS-02 server and the Presidential Electronic Records Library (PERL) server named "WJC-CDSS" were compromised. The exploitation gave the intruder full administrative rights and access to both of these servers and to the 11 computer workstations that were also compromised in this attack. Although direct evidence of data exfiltration from either server was not found, the level of access granted to the intruders and the trust relationships between the compromised servers and computers made circumvention of internal controls possible, so proprietary data exfiltration cannot be definitively ruled out. This case is pending a prosecutive decision.

Missing File from the John G. Roberts, Jr., Collection Entitled "Affirmative Action Correspondence" at the Ronald Reagan Presidential Library and Museum

On July 18 and 19, 2005, a White House employee and two assistants were granted special access pursuant to the Presidential Records Act to review White House Counsel's office files from 1981 to 1986 held at the Ronald Reagan Presidential Library and Museum. On July 21 or 22, 2005, while attempting to locate files contained in the above record group to respond to a Freedom of Information Act request, a file contained in the John G. Roberts, Jr., collection entitled "Affirmative Action Correspondence" was discovered missing. The Investigations Division was unable to determine whether the missing file was taken or lost. In providing the files to the researchers, NARA policies and procedures were not consistently followed.

Operating a Private Business While at Work

he Investigations Division received an allegation that a NARA employee was engaged in private business activities while at work. It was alleged the employee routinely used NARA computers to purchase items online, which the employee then sold through independent distributorship. The investigation proved the allegation, which was forwarded for appropriate action. The employee received a three-day suspension.

Investigative Case Updates

Theft of NARA Historical Documents

The Investigations Division received information that a NARA historical document was listed for auction on the Internet. The Investigations Division recovered this document and several other Civil War-era documents. On March 7, 2005, the subject pled guilty to one count of 18 U.S.C., Section 668: Theft of Major Artwork in the United States District, District of Columbia. To date, a total of 42 NARA documents have been recovered. These documents continue to be sold for significant sums of money. Update: On April 4-5, 2005, the Investigations Division and NARA archivists searched the subject's residence for additional documents per the plea agreement. No NARA original documents were found. However, library books from University of Virginia, Alderman Library were found. On May 26, 2005, the subject was sentenced to two years imprisonment to be followed by two years of supervised release. The subject was also fined $10,000. Judge James Robertson noted the need for a strong sentence to deter future theft from the National Archives and to reflect the seriousness of the crime.

Theft of Presidential Classified Documents

A former National Security Advisor to President William J. Clinton reviewed documents and materials containing classified information of the United States stored at NARA. On or about September 2, 2003, and October 2, 2003, this former National Security Advisor removed such classified material without authorization with intent to retain the material at an unauthorized location. On March 31, 2005, an information was filed in the United States District Court for the District of Columbia charging one count of 18 U.S.C. § 1924: Unauthorized Removal and Retention Of Classified Material, a Class A Misdemeanor. Update: On September 8, 2005, the former National Security Advisor was sentenced 2 years probation, 100 hours community service, fined $50,000, and denied access to classified information for a period of 3 years.



OIG HOTLINE

The OIG Hotline provides a prompt, effective, and confidential channel for reporting fraud, waste, abuse, and mismanagement to the OIG. In addition to receiving telephone calls at a toll-free Hotline number and letters to the Hotline post office box, we also accept email communication from NARA's internal network or the Internet through the Hotline email system. Walk-ins are always welcome.

The Investigative Division promptly and carefully reviews calls, letters, and e-mail to the Hotline. We investigate allegations of suspected criminal activity or civil fraud and conduct preliminary inquiries on noncriminal matters to determine the proper disposition. Where appropriate, referrals are made to the OIG Audit Staff or to NARA management.

The following table summarizes Hotline activity for this reporting period:

Cases Opened* 15
Referred Outside the OIG 71
No Action Necessary 70
Closed from Last Reporting Period 32
Pending 11
Total Hotline Complaints 131

*Cases included in investigative workload statistics.

Top of Page


Management Assistance

On May 11, 2004, the OIG issued Advisory Report #04-15, Review of NARA's Water and Sewer Billing Adjustment Charge from the Washington Suburban Sanitary Commission (WSSC) to advise the Archivist that the OIG had questioned $118,594 of $128,000 in charges levied against NARA by the WSSC for the period January 2003 through February 2004. We questioned these charges because they were determined to be unreasonable according to the Federal Acquisition Regulation (FAR) and represented a fine, penalty, or tax that, according to appropriations law, NARA is not authorized to pay.

Since the issuance of our report in May 2004, the OIG has assisted the NARA Office of General Counsel (NGC) in addressing questions and WSSC legal concerns related to the costs questioned. We met with the NGC and provided guidance in addressing legal questions and documentation requirements. As a result of NGC and OIG efforts, NARA received a refund check of $63,638 of the $128,000 originally paid from WSSC.

Top Ten Management Challenges

Under the authority of the Inspector General Act, the NARA OIG conducts and supervises independent audits, investigations, and other reviews to promote economy, efficiency, and effectiveness and prevent and detect fraud, waste, and mismanagement. To fulfill that mission and help NARA achieve its strategic goals, we have aligned our programs to focus on areas that we believe represent the agency’s most significant challenges. We have identified those areas as NARA’s top ten management challenges. These challenges are listed below.

1. Electronic Records Archives (ERA)

NARA and the Lockheed-Martin Corporation are building an Electronic Records Archives (ERA) with the goal of ensuring the preservation of, and access to, Government electronic records. The pace of technological progress makes formats in which the records are stored obsolete within a few years, threatening to make them inaccessible even if they are preserved intact. ERA is to be a comprehensive, systematic, and dynamic means of preserving virtually any kind of electronic record, free from dependence on any specific hardware or software. The ERA system is targeted to enable Federal agencies to transfer any type or format of electronic record to the National Archives, so that citizens can locate records of interest and the National Archives can deliver these materials in a usable format.

NARA's challenge is to build a system that will accommodate past, present, and future formats of electronic records. To mitigate the risks associated with development and acquisition of an advanced electronic archival system, Congress directed NARA to reassess the ERA project schedule based on estimates of the amount of work and resources required to complete each task. Beginning on October 1, 2002, NARA was required to submit to Congress a quarterly report on the status of the project's schedule, budget, and expenditures as measured against a reported baseline; a prioritization of project risks and their mitigation efforts; and corrective actions taken to manage identified schedule slippage, cost overruns, or quality problems that might occur. By September 2007, NARA plans to have initial operating capability for ERA with planned incremental improvements that will eventually result in full system capability. The challenge will be to deliver and maintain a functional ERA system that will preserve electronic records for as long as needed.

2. Electronic Records Management (ERM)

NARA directs one of 24 Government-wide initiatives, the Electronic Records Management (ERM) initiative. The ERM initiative will provide guidance to agencies in managing and transferring to NARA, in an increasing variety of data types and formats, their permanent electronic records. For many years, Federal records were created on paper and stored in files and boxes with NARA. Now, electronic records are created by Government agencies at an astounding rate, challenging NARA to find ways to manage and preserve them. NARA is a key player in e-Government and managing partner for the e-Government ERM initiative. E-Government is part of President Bush's management agenda aimed at making it easier for citizens to obtain high-quality service from the Federal Government while reducing the cost of delivering those services. NARA enlisted partner agencies, developed a detailed plan for accomplishing its objectives, and issued the first guidance on transferring e-mail records to NARA. NARA and its Government partners are challenged with trying to figure out how to manage electronic records in an electronic manner, to make ERM and e-Government work more effectively.

This year NARA collaborated with records management and enterprise information architecture stakeholders from eighteen Federal agencies, NARA'subject matter experts, and industry and academic experts to develop a set of records management activity names, a finalized set of functional requirements, and a prioritized list of component activities. These requirements serve as a baseline and starting point for the procurement and development of records management service components.

3. Improving Records Management

NARA's mission is to ensure that Federal officials and the American public have ready access to essential evidence. One way NARA addresses its mission is by assisting agencies with the management of their records from the time that those records are created. Without effective records management, records needed to document citizens' rights, actions for which Federal officials are responsible, and the historical experience of our nation will be at risk of loss, deterioration, or destruction. According to NARA's Strategic Plan, to minimize these risks, NARA will work in active partnership with the administration, Federal officials, the Congress, and Federal courts to help them create, identify, appropriately schedule, and manage record material. This will enable the Government to preserve records as long as they are needed to protect rights, ensure accountability, document the national experience, and to destroy unneeded records as soon as it is practical to do so.

NARA must work with Federal agencies to make scheduling, appraisal, and accessioning processes more effective and timely. The challenge is how best to accomplish this component of our overall mission and identify and react to agencies with critical records management needs.

4. Information Technology Security

The authenticity and reliability of our electronic records and information technology systems are only as good as our IT security infrastructure. Each year, the risks and challenges to IT security continue to evolve. NARA must ensure the security of its data and systems or risk undermining the agency's credibility and ability to carry out its mission.

IT security becomes even more critical as NARA increases its visibility through the implementation of e-Government initiatives that expand online services to the public. The more NARA increases electronic access to its services and records, the more vulnerable the agency is to intrusions, viruses, privacy violations, fraud, and other abuses of its systems. The risk related to IT security is endemic to all Federal agencies and has been identified by the Government Accountability Office (GAO) as one of its top 10 high-risk challenges.

5. Expanding Public Access to Records

In a democracy, the records of its archives belong to its citizens. NARA's challenge is to more aggressively inform and educate our customers about the services we offer and the essential evidence to which we can provide access. NARA envisions expanding opportunities for individual citizens, educational institutions, and Federal agencies to make use of those records. New technologies are making it easier to reach all users in their homes, schools, and workplaces. NARA must increase partnerships with Government agencies at all levels and with universities and corporate communities to take advantage of new means to bring the holdings of the National Archives to people no matter where they are located.

Mastering this challenge requires that NARA listen to its customers and improve access to records in ways that meet customer needs and customer service standards. This will require NARA to enhance its efforts to create comprehensive catalogs and indexes for our holdings so that users can find the records they need; make documentary material available through the Internet; improve reference service; and help Presidents at the beginning of their administrations plan for public access to their records in Presidential libraries.

6. Meeting Storage Needs of Growing Quantities of Records

NARA-promulgated regulation, 33CFR, Part 1228, "Disposition of Federal Records," Subpart K, "Facility Standards for Records Storage Facilities," requires all facilities that house Federal records to meet defined physical and environmental requirements by FY 2009.

Specifically, in January 2000, NARA revised the regulations for public and private facilities that store Federal records to (1) improve the environment and safeguards for Federal records by incorporating stricter facility standards and advances in sprinkler technology; (2) reflect building design measures that may prevent or minimize fire and water damage to records; and (3) ensure uniform facility standards for all records centers, both public and private, that store and protect Federal records. NARA's challenge is to ensure compliance with these regulations internally as well as by other agencies that house Federal records.

7. Preservation Needs of Records

The Archivist has identified preservation as a material weakness under the Federal Managers' Financial Integrity Act (FMFIA) reporting process. NARA cannot provide public access to records to support researchers' needs unless it can preserve them for as long as needed. Providing public access to records for future generations requires that NARA assess the preservation needs of the records, provide storage that retards deterioration and treat or duplicate and reformat records at high risk for deterioration. NARA must preserve paper records, motion pictures, audio recordings, videotapes, still photography, aerial photography, microfilm and other microforms, and maps and charts in a variety of formats in our holdings. NARA must ensure that its risk management program adequately identifies and addresses all records needing preservation in a timely manner.

As in the case of our national infrastructure (bridges, sewer systems, etc.), NARA holdings grow older daily and are degrading. NARA is challenged to address the following questions: are we effectively identifying those holdings that are both most at risk and most important in terms of priority. Who makes this determination, upon what criteria is it based, and is it being soundly and properly applied? Are resources and the technology available and sufficient to meet the preservation needs of these records?

8. Improving Financial Management

By inclusion under the Accountability of Tax Dollars Act of 2002, NARA is required to prepare audited financial statements in compliance with prescribed standards, subject to independent audit.

The Federal Government has a stewardship obligation to prevent fraud, waste, and abuse; to use tax dollars appropriately; and to ensure financial accountability to the President, the Congress, and the American people. Timely, accurate, and useful financial information is essential for making day-to-day operating decisions; managing the Government's operations more efficiently, effectively, and economically; meeting the goals of the Federal financial management reform legislation (Chief Financial Officers Act); supporting results-oriented management approaches; and ensuring accountability on an ongoing basis.

In identifying improved financial performance as one of its five Government-wide initiatives, the President's Management Agenda (PMA) stated that a clean financial audit is a basic prescription for any well-managed organization and recognized that "most federal agencies that obtain clean audits only do so after making extraordinary, labor-intensive assaults on financial records." Further, the PMA stated that without sound internal controls and accurate and timely financial information, it is not possible to accomplish the President's agenda to secure the best performance and highest measure of accountability for the American people.

9. Physical Security

NARA must maintain adequate levels of physical security over our facilities and holdings to ensure the safety and integrity of persons and holdings within our facilities. This is especially critical in light of the new realities that face this nation post-September 11, and the risk that our holdings may be pilfered by persons for a variety of motivations, defaced, or destroyed by fire or other natural disasters.

The Archivist has identified security of collections as a material weakness under the Financial Manager’s Financial Integrity Act (FMFIA) reporting process. Our facilities hold records that serve to document the rights of citizens, the actions of Government officials, and the national experience. They also hold a new class of records identified as Records of Concern (ROC). These are records that could be useful to individuals or entities in the planning and conduct of hostile acts against this nation.

Three primary challenges facing NARA are to (1) provide quality service to our customers while instituting reasonable internal controls to prevent theft and to maintain documentation to support recovery of disenfranchised holdings and subsequent prosecution of those who would steal from NARA, (2) take every reasonable appropriate measure possible to limit access to ROC and act expeditiously in coordinating efforts with appropriate law enforcement entities as warranted and appropriate, and (3) protect and safeguard our facilities themselves and the employees who work in our facilities and to mitigate the potential for damage and destruction through both natural and deliberately precipitated acts.

10. Strengthening Human Capital

The General Accounting Office (GAO) has identified human capital as a Government-wide high risk. Strategic human capital management should be the centerpiece of any serious change management initiative or any effort to transform the cultures of Government agencies. Serious human capital shortfalls, however, continue to erode the ability of many agencies, and threaten the ability of others, to economically, efficiently, and effectively perform their missions. According to GAO, the major problem is the lack of a consistent strategic approach to marshaling, managing, and maintaining the human capital needed to maximize Government performance and ensure its accountability. People are an agency’s most important organizational asset. An organization’s people define its character, affect its capacity to perform, and represent the knowledge base of the organization. Agencies can improve their performance by the way that they treat and manage their people, and building commitment and accountability through involving and empowering employees.

NARA’s challenge is to adequately assess its human capital needs in order to effectively recruit, retain, and train people with the technological understanding and content knowledge that NARA needs for future success. According to the NARA'strategic Plan, NARA must include preparation for training leaders for tomorrow in its plans. Further, NARA must help current staff members with traditional archival training to add skills necessary for working with new technologies. In addition, NARA must replace valuable staff members lost to retirement with staff able to deal with records in the electronic information age. Moreover, NARA must partner with universities and professional associations to determine educational requirements for the 21st century.

Top of Page


Reporting Requirements

STATISTICAL SUMMARY OF INVESTIGATIONS
Investigative Workload
Complaints received this reporting period (2 proactive cases) 131
Cases pending at the beginning of the reporting period 18

Cases opened this reporting period

15

Cases closed this reporting period

21

Cases carried forward this reporting period

12

Categories of Investigations

Fraud

5

Conflict of Interest

1

Contracting Irregularities

0

Misconduct

0

Larceny (theft)

4

Torts

0

Other

2

Investigative Results

Cases referred - Accepted for prosecution

1

Cases referred - Declined for prosecution

1

Cases referred - Pending prosecutive decision

1

Arrests

1

Indictments and information

1

Convictions

1

Fines, restitutions, and other civil and administrative recoveries

$60,000

NARA holdings recovered

3

Administrative Remedies

Employee(s) terminated

0

Employee(s) resigned in lieu of termination

0

Employee(s) suspended

1

Employee(s) given letter of reprimand/warned/counseled

0

Employees taking a reduction in grade in lieu of administrative action

0

 

Requirement 5(a)(6)
LIST OF REPORTS ISSUED
Report No. Title Date Questioned Costs Un-supported Costs Funds Put to Better Use
05-13 Evaluation of NARA's Preservation Program 06/22/2005 0 0 0
05-14 Review of the ITSS Contractor's Quality Assurance and Quality Control Program 08/12/2005 0 0 0
05-15 Audit of the NARA Travel Card Program 07/22/2005 0 0 0
05-16 Audit of NARA's Compliance with the Prompt Payment Act 07/22/2005 0 0 0
05-19 Review of the Proposed Modification of the ITSS Taks Order Security Program Requirements 07/06/2005 $414,307 0 0
05-20 Review of the National Historical Publications and Records Commission Grants 07/29/2005 $22,610 0 0
05-21 Review of Contractor Resources Utilized on the ITSS Contract 09/30/2005 0 0 0


AUDIT REPORT(S) WITH QUESTIONED COSTS

Category

Number of
Reports
DOLLAR VALUE

Questioned
Costs
Unsupported
Costs

A. For which no management decision has been made by the commencement of the reporting period

2

$354,929

$0

B. Which were issued during the reporting period

2

436,917

0

Subtotals (A + B)

4
791,846
0

C. For which a management decision has been made during the reporting period

3
555,511
0

(i) dollar value of disallowed cost

3
500,555
0

(ii) dollar value of costs not disallowed

1

54,956

0

D. For which no management decision has been made by the end of the reporting period

1
236,335
0

E. For which no management decision was made within 6 months

1

236,335

0

 

Requirement 5(a)(9)
AUDITS REPORTS WITH RECOMMENDATIONS THAT FUNDS
BE PUT TO BETTER USE
CATEGORY NUMBER
DOLLAR VALUE

A. For which no management decision has been made by the commencement of the reporting period

2 $26,501

B. Which were issued during the reporting period

0 0

Subtotals (A + B)

2
26,501

C. For which a management decision has been made during the reporting period

2
26,501

(i) dollar value of recommendations that were agreed to by management

1
4,098

Based on proposed management action

0
0

Based on proposed legislative action

0
0

(ii) dollar value of recommendations that were not agreed to by management

1
22,403

D. For which no management decision has been made by the end of the reporting period

0
0

E. For which no management decision was made within 6 months of issuance

0
0

REQUIREMENT

CATEGORY SUMMARY

5(a)(3)

Prior significant recommendations unimplemented

None

5(a)(4)

Summary of proial referrals

None

5(a)(5)

Information or assistance refused

None

5(a)(10)

Prior audit reports unresolved

None

5(a)(11)

Significant revised management decisions

None

5(a)(12)

Significant revised management decisions with which the OIG disagreed

None

Top of Page

PDF files require the free Adobe Reader.
More information on Adobe Acrobat PDF files is available on our Accessibility page.

Office of the Inspector General (OIG) >

The U.S. National Archives and Records Administration
1-86-NARA-NARA or 1-866-272-6272

.