Recommendation Dashboard

OIG makes recommendations in our reports to improve the efficiency and effectiveness of agency programs and help agencies identify questioned costs and funds that could be put to better use. The aim is to spur our audited agencies to take corrective actions, which allow us to close the recommendations.

This dashboard identifies current open recommendations along with the associated questioned costs.  Open recommendations may be resolved or unresolved:

  • A recommendation is resolved when OIG agrees with the agency's plan of action.
  • A recommendation is unresolved when the agency has yet to share a plan of action or OIG disagrees with the plan.

The dashboard below may not reflect accurate numbers due to temporarily unavailable resources. We apologize for any inconvenience. Please check back soon.

 

Total Open Recommendations (As of 9/19/24)

261

Open Financial Recommendations (As of 9/19/24)

$91,949,192


Please see an updated list of recommendations with their corresponding report below.

2024

Sep 19, 2024
NFA Transmittal
3-000-24-058-I
Recommendation
1

We recommend that USAID's Office of Acquisition and Assistance Cost, Audit and Support Division/Contract Audit Management Branch verify that Nathan Associates, Inc., corrects the one reported material
weakness in internal control detailed on pages 8 and 9 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Sep 18, 2024
NFA Transmittal
4-617-24-126-R
Recommendation
1

We recommend that USAID/Uganda verify that Joint Clinical Research Center corrects the one instance of material noncompliance detailed on page 27 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Sep 18, 2024
NFA Transmittal
4-617-24-127-R
Recommendation
1

We recommend that USAID/Uganda verify that Makerere University Joint AIDS Program corrects the one instance of material noncompliance detailed on page 28 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Sep 16, 2024
Audit Report
A-000-24-004-P
Recommendation
2

We recommend that USAID's Chief Information Officer develop and implement a written procedure to document the Chief Information Officer's review and approval of all cloud service acquisition plans.

Questioned Cost
0
Funds for Better Use
0
Recommendation
13

We recommend that USAID's IT Operations Division Chief complete plan of action and milestones, as required. This may include documenting the "planned remediation actions" in the reports.

Questioned Cost
0
Funds for Better Use
0
Recommendation
12

We recommend that USAID's IT Operations Division Chief update the systems' continuous monitoring report to identify weaknesses with access, roles, and privileges, as required.

Questioned Cost
0
Funds for Better Use
0
Close Date
Sep 16, 2024
Recommendation
11

We recommend that USAID's Deputy Chief Human Capital Officer complete plan of action and milestone, as required. This may include documenting the "planned remediation actions" in the reports.

Questioned Cost
0
Funds for Better Use
0
Close Date
Sep 16, 2024
Recommendation
10

We recommend that USAID's Deputy Chief Human Capital Officer update the system's continuous monitoring report to identify weaknesses with access, roles, and privileges, as required.

Questioned Cost
0
Funds for Better Use
0
Close Date
Sep 16, 2024
Recommendation
9

We recommend that USAID's Chief Information Officer work with the Deputy Chief Human Capital Officer and IT Operations Division Chief to update the system security plan, as required. This may include updating the system security plan with the results of a security assessment or create a plan of actions and milestones.

Questioned Cost
0
Funds for Better Use
0
Recommendation
8

We recommend that USAID's Chief Information Officer revise Agency procedures to address how system owners should document their monitoring of cloud service providers' remediation activities.

Questioned Cost
0
Funds for Better Use
0
Recommendation
7

We recommend that USAID's Chief Information Officer develop additional procedures to hold system accountable for noncompliance with plan of action and milestones requirements. This may include actions other than denying a system authority to operate, such as a negative performance evaluation or disciplinary action.

Questioned Cost
0
Funds for Better Use
0
Recommendation
6

We recommend that USAID's Chief Information Officer develop additional procedures to hold system owners accountable for noncompliance with continuous monitoring reporting requirements. This may include actions other than denying a system authority to operate, such as a negative performance evaluation or disciplinary action.

Questioned Cost
0
Funds for Better Use
0
Recommendation
5

We recommend that USAID's Chief Information Officer revise the standard reporting template for continuous monitoring to clarify whether it applies to cloud systems.

Questioned Cost
0
Funds for Better Use
0
Close Date
Sep 16, 2024
Recommendation
3

We recommend that USAID's Chief Information Officer develop and implement a written process for defining and reviewing service level agreements to determine whether they meet Agency needs.

Questioned Cost
0
Funds for Better Use
0
Recommendation
4

We recommend that USAID's Chief Information Officer develop and implement a written policy for monitoring and documenting cloud services providers' compliance with service level agreements.

Questioned Cost
0
Funds for Better Use
0
Close Date
Sep 16, 2024
Recommendation
1

We recommend that USAID's Chief Information Officer develop and implement written guidance for performing and documenting cost-benefit and alternative analyses for cloud acquisitions before procuring cloud services.

Questioned Cost
0
Funds for Better Use
0
Sep 13, 2024
NFA Transmittal
5-367-24-050-R
Recommendation
1

USAID/Nepal determine the allowability of $45,026 in questioned costs ($39,909 ineligible, $5,117 unsupported) on pages 13 to 14 and pages 33 to 41 of the audit report and recover any amount that is unallowable.

Questioned Cost
45026
Funds for Better Use
0
Recommendation
2

USAID/Nepal verify that the Government of Nepal's Department of Health and Services and Other Implementing Government Agencies corrects the 1 material weakness in internal control detailed on pages 25 to 26 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Recommendation
3

USAID/Nepal verify that the Government of Nepal's Department of Health and Services and Other Implementing Government Agencies corrects the 11 instances of material noncompliance detailed on pages 33 to 45 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Aug 29, 2024
Audit Report
A-ADF-24-003-C
Recommendation
5

Chief Information Officer update the change management charter to designate in writing the responsibilities for monitoring performance metrics, conducting lessons-learned activities, and documenting routine updates and minor changes.

Questioned Cost
0
Funds for Better Use
0
Recommendation
6

Chief Information Officer update the system security plan to include the frequency for reviewing and updating the contingency plan.

Questioned Cost
0
Funds for Better Use
0
Recommendation
7

Chief Information Officer develop and implement policies and procedures to obtain feedback on the agency's specialized security training, update the training program, and request that third-party providers update their training content, as appropriate, to keep current with security practices.

Questioned Cost
0
Funds for Better Use
0
Recommendation
4

Chief Information Officer develop and implement policies and procedures for agency personnel to monitor performance metrics for information technology services provided by third parties.

Questioned Cost
0
Funds for Better Use
0
Recommendation
1

Chief Information Officer develop and implement procedures to assess whether position risk designations are reviewed for all personnel.

Questioned Cost
0
Funds for Better Use
0
Recommendation
2

Chief Information Officer develop and implement procedures to assess whether reinvestigations are performed timely for individuals who possess critical-sensitive/high-risk roles that require system access.

Questioned Cost
0
Funds for Better Use
0
Recommendation
3

Chief Information Officer develop and implement policies and procedures to periodically assess its cybersecurity workforce's knowledge, skills, and abilities to confirm that security training and development activities align with agency needs.

Questioned Cost
0
Funds for Better Use
0
Aug 29, 2024
Audit Report
E-ADF-24-001-A
Recommendation
2

To address these shortcomings, we recommend that USADF:
Develop and implement a plan within 90 days of USAID OIG publishing this advisory to schedule fraud awareness briefings with USAID OIG's Office of Investigations for all USADF staff.

Questioned Cost
0
Funds for Better Use
0
Recommendation
1

To address these shortcomings, we recommend that USADF:
Update its training within 30 days of USAID OIG publishing this advisory to incorporate information on USAID OIG oversight authorities and procedures for disclosing allegations of fraud, waste, abuse, or mismanagement, and develop and implement a plan to provide the updated training to all USADF staff.

Questioned Cost
0
Funds for Better Use
0
Recommendation
3

To address these shortcomings, we recommend that USADF:
Develop and implement a plan within 90 days of USAID OIG publishing this advisory to schedule fraud awareness briefings with USAID OIG's Office of Investigations for all USADF staff.

Questioned Cost
0
Funds for Better Use
0
Aug 28, 2024
NFA Transmittal
4-611-24-124-R
Recommendation
2

We recommend that USAID/Zambia verify that Centre for Infectious Disease Research in Zambia corrects the two instances of material noncompliance detailed on pages 67 to 69 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Recommendation
1

We recommend that USAID/Zambia verify that Centre for Infectious Disease Research in Zambia corrects the one material weaknesses in internal control detailed on pages 59 to 61 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Aug 27, 2024
NFA Transmittal
5-492-24-044-R
Recommendation
2

USAID/Philippines verify that AgriterraPhils Inc. corrected the two instances of material noncompliance detailed on pages 33 to 35 of the audit report.

Questioned Cost
0
Funds for Better Use
0
Recommendation
1

USAID/Philippines determine the allowability of $243,869 in questioned costs, ($12,276 of ineligible costs pertaining to USAID funds and $231,593 of unsupported costs [$164,567 pertaining to USAID funds and $67,026 pertaining to the awardee's cost sharing contributions]), as detailed on pages 21 to 30 and 36 of the audit report and recover any amount that is unallowable.

Questioned Cost
243869
Funds for Better Use
0
Aug 23, 2024
Audit Report
A-IAF-24-002-C
Recommendation
2

We recommend that IAF's chief information officer update the agency's system security plan to include controls in National Institute of Standards and Technology Special Publication 800-53, Revision 5, "Security and Privacy Controls for Information Systems and Organizations."

Questioned Cost
0
Funds for Better Use
0
Recommendation
1

We recommend that IAF's chief information officer develop and implement a plan, including tools and other resources, to remediate critical and high vulnerabilities within the timeframes specified in the agency's "Information System Security Program Standard Operating Procedures" (February 2022).

Questioned Cost
0
Funds for Better Use
0