All Reports can be searched for by key words using the box to the right, or by date range using the tool below. The list below is sorted beginning with the newest.
Audits, Evaluations and Reviews
Audits, Evaluations and Reviews
The Corporation for National and Community Service, Office of Inspector General (CNCS-OIG) issued a Management Alert to express our concerns over the following proposed regulatory changes to the Senior Corps Program, which do not appear to have undergone adequate risk assessment prior to the proposed rule-making: (1) Reducing the minimum number of volunteer service hours per week from 15 to 5; and (2) Eliminating the Direct Benefit Ratio or 80/20 Rule, which requires that at least 80 percent of the Federal grant award be expended for volunteer benefits.
CNCS-OIG’s analysis suggests that these two changes may increase certain per-volunteer costs, and simultaneously decrease significantly the service hours delivered to the served communities. CNCS has not considered these potential financial and programmatic effects, nor has it undertaken a pilot program to identify any other unintended consequences.
We made three recommendations to CNCS, focused on additional analysis and research into potential increased costs and reduction in community service hours. CNCS’s response did not address the concerns substantively, but said that it would do so as part of the rulemaking process.
The Corporation for National and Community Service, Office of Inspector General (CNCS-OIG) conducted an evaluation of the Volunteers in Service to America (VISTA) program to assess its effectiveness. CNCS-OIG’s evaluation focused on member activity, project sustainability, and member attrition.
- Documentation maintained during the execution of a project does not contain sufficient details to validate member activities are consistent with program purposes or are the same as the planned activities.
- Project activities did not build capacity or enable projects to be fully sustained following VISTA support in 12 out of 27 organizations reviewed;
- The VISTA program had an attrition rate of 16.8 percent in the time period evaluated (FY 2014 – 2015), with the primary causes of turnover identified as other employment/financial hardship (80 percent), dissatisfaction with the program (15 percent), and medical issues (5 percent).
Based upon these findings, CNCS-OIG made 11 recommendations to help CNCS VISTA:
- Enhance the existing monitoring program to provide greater insight into member activity and program effectiveness;
- Develop a standard for capturing the capacity building and measuring sustainability during and after the VISTA project is completed;
- Strengthen the VISTA member experience to improve member retention; and
- Develop and implement a strategy for improving member retention.
CNCS has taken some corrective actions since we issued the draft report. CNCS-OIG will review CNCS’s status of audit resolutions after CNCS issues its final management decision on the findings and recommendations.
The agreed-upon procedures (AUP) review of AmeriCorps grant funds to SerVermont, Vermont’s State Service Commission and two subrecipients identified questioned Federal costs totaling $122,551, questioned matching costs of $38,746, questioned Education Awards of $40,342 and compliance findings. The majority of the questioned costs were caused by deficiencies with National Service Criminal History Checks. The costs tested were incurred between April 15, 2015 and August 31, 2017.
SerVermont concurred that the auditors found noncompliant NSCHCs at the Commission and the two subrecipients but disagreed on the related questioned costs. The Corporation will resolve the report’s findings and recommendations.
The Corporation for National and Community Service, Office of Inspector General (CNCS-OIG) conducted a review to determine whether the $2.6 million NCCC member recruitment contract is structured to meet the crucial goal of annually filling the 1,200 Traditional NCCC and 1,000 FEMA Corps vacancies with members likely to successfully complete their terms of service.
CNCS-OIG found that:
- The NCCC recruitment contract places up to $2.6 million at risk;
- Although the NCCC contract requires the contractor to create and maintain a database of prospective applicants that complies with CNCS cybersecurity and privacy policies and procedures, there is no assurance that the database, in fact, meets Federal and CNCS standards;
- The contractor failed to demonstrate that it possesses the experience and proof of success specified in the solicitation and necessary for satisfactory performance; and,
- The CNCS Contracting Officer’s Representative (COR) lacks the requisite recruiting experience and has not exercised sufficient oversight.
Based upon our findings, we recommend that NCCC take the following actions:
- Decline to exercise the option to continue the recruitment contract in future years;
- Promptly undertake a new procurement, with clear objectives, statement of work, experience requirements and professional attributes and deliverables. The new contract should be structured as a performance-based contract, with metrics tied to the recruitment of applicants who meet the program criteria, meet the diversity requirements and successfully complete their terms;
- Assign a COR who has strong recruitment knowledge and experience to effectively manage and oversee this contract;
- Ensure that the selected contractor demonstrates the requisite past performance, meets all the technically acceptable evaluation criteria and has qualified personnel who all meet the Statement of Work (SOW) requirements; and
- Provide bidders with the Federal and CNCS detailed cybersecurity requirements, policies and procedures, and have the CNCS information security officer review the bidder’s cybersecurity safeguards to ensure that it has the systems in place to maintain secure databases that meet applicable cybersecurity mandates and protect Personally Identifiable Information.
The Corporation agreed to implement recommendations 1, 4 and 5. With respect to recommendation number 2, while CNCS agreed to procure a new recruitment contract, CNCS committed only to "explore pursuing a performance-based contract” (emphasis added). However, NCCC treats its recruitment strategy as quantitative—increasing the leads that may generate members—and does not intend to include outcome-based qualitative metrics tied to qualifications, diversity and the ability to successfully complete service. The lack of focus on successful enrollment of highly qualified, diverse individuals who fulfill their service obligations creates a substantial risk that the new recruiting contract will be flawed and will not produce the desired program performance outcomes, resulting in additional funds at risk. CNCS also did not concur with CNCS-OIG’s findings and recommendations pertaining to the experience and oversight of its COR.
An agreed-upon procedures (AUP) review of AmeriCorps grant funds to the New Mexico Commission for Community Volunteerism (NMCCV) and two subgrantees during the period of January 1, 2015 through March 31, 2017, identified questioned Federal costs totaling $29,627 and matching costs of $121,996, as well as compliance findings. In addition to the AmeriCorps grants, NMCCV also received a Corporation Training and Technical Assistance grant to provide training and assistance to NMCCV and subgrantee staff. The majority of the questioned costs were caused by deficiencies in subgrantees’ financial management systems and non-compliance with member living allowance requirements.
NMCCV concurred with most of the findings and recommendations, but disagreed on the finding related to member living allowances and requested an extension to determine the reason for the unsupported costs. The Corporation will resolve the report’s findings and recommendations.
Despite a continuous focus on improving its Improper Payments Elimination and Recovery Act of 2010 (IPERA) compliance program, the Corporation for National and Community Service (CNCS) remains unable to reliably estimate the amount or the rate of improper payments in the AmeriCorps State and National Program (AmeriCorps), Foster Grandparent Program (FGP), Retired and Senior Volunteer Program (RSVP), and Senior Companion Program (SCP). Specifically, we noted that the improper payments information reported in CNCS’s fiscal year (FY) 2017 Annual Management Report (AMR) is unreliable and incomplete; CNCS therefore did not comply with IPERA. As in the past, we identified flaws in multiple stages of CNCS’s improper payments assessment process; many of these flaws resulted from insufficient time and personnel to perform the FY 2017 IPERA testing.
CNCS implemented a new alternative sampling methodology in FY 2017, as well as other corrective actions to address findings noted in the FY 2015 IPERA audit report. As a result of this progress, CNCS has met an additional OMB criterion for IPERA compliance, with two prior audit findings fully resolved in FY 2017. CNCS’s efforts also reduced the severity of some the issues, which are mainly limited to the sufficiency and adequacy of documentation as of FY 2017.
However, these partial improvements did not substantially improve CNCS’s IPERA compliance, as CNCS did not meet four of the six OMB IPERA compliance criteria. Specifically, we identified the following compliance issues and other matters, all of which are recurring from the prior years:
- CNCS did not properly identify improper payments, and the published improper payment estimates are not statistically valid, complete, or accurate. Specifically, we noted significant errors in CNCS’s sampling selection for its stratified sample and found that CNCS did not always follow, or document how it followed, its OMB-approved alternative sampling methodology.
- CNCS did not fully comply with the IPERA risk assessment requirements, as it did not maintain documentation to support that it had performed additional procedures to verify that the FY 2015 risk assessment results were still valid for FY 2017.
- CNCS did not meet its annual improper payment reduction targets for AmeriCorps, as the actual improper payment error rate reported was nearly twice the reduction target rate.
- CNCS published an improper payment estimate that was greater than the acceptable threshold for IPERA compliance, or 10 percent, for three of its four programs (i.e., AmeriCorps, FGP, and SCP).
Our report also notes other matters relating to CNCS’s ability to reduce and recapture improper payments, as follows:
- CNCS did not adequately report on high-dollar over-payments, as it did not specify the risk-susceptible programs subject to high-dollar over-payments included in its report.
- CNCS did not complete a cost-benefit assessment for payment recapture audits.
- CNCS did not complete the reporting required as a result of its programs not complying with IPERA for three consecutive fiscal years.
The Mayor's Fund to Advance New York City (Mayor's Fund) served as the intermediary (i.e., the prime grantee) for a Social Innovation Fund (SIF) grant from CNCS totaling approximately $28.5 million for the period from August 1, 2010 to July 31, 2015. The Mayor's Fund divided its responsibilities among itself, the Center for Economic Opportunity (CEO) and MDRC, a non-profit, nonpartisan social and education policy research firm. Ultimately, the Mayor's Fund subawarded $25.8 million in SIF funds to 19 subgrantees.
CNCS-OIG questioned more than $4.6 million based upon an audit of the costs incurred by the Mayor's Fundand three of its subgrantees: the Children's Aid Society, the Henry Street Project, and Madison Strategies Group (Madison), for the period from July 1, 2012,to June 30, 2015. The majority of these question costs flow from two findings: (1) MDRC's failure to conduct criminal history checks for its 165 staff members who were paid with SIF funds; and (2) a decision by the Mayor's Fund to award a subgrant to Madison, an unqualified organization with a substantial conflict of interest.
CNCS was apparently unaware of either of these problems, which we detail in this report.
An agreed-upon procedures (AUP) review of AmeriCorps grant funds to the Kentucky Commission on Community Volunteerism and Service (KCCVS) and two subgrantees during the period of January 1, 2013 - September 1, 2016, identified questioned costs totaling $851,954, as well as compliance findings.
Most of the questioned costs resulted from deficiencies in the procedures used by KCCVS and its subgrantees to perform criminal history checks, including failure to perform the checks for grant-funded staff, and incomplete or insufficient criminal history checks for AmeriCorps members by subgrantees. Other deficiencies related to: (1) inadequate monitoring of subgrantees’ compliance with program requirements, to include evaluations and member service agreements; (2) unapproved remote service and service activities not in accordance with subgrant objectives; (3) Improper use of program income; and (4) inadequate support of cost share.
KCCVS concurred with most of the compliance findings but not the amounts questioned. The Corporation will resolve the report’s findings and recommendations.
CNCS has devoted significant resources to improving cybersecurity over the past few years, with meaningful progress. Although its information security program is not yet sufficiently mature, it can reach effectiveness with continued effort and investment.
Achieving effectiveness will require attention to weaknesses that pose significant risks to information security. Our 2017 evaluation found inadequacies in risk management, configuration management, identity and access management, information security continuous monitoring, and contingency planning. Enforcement of information security is inconsistent across the enterprise, with field components remaining especially vulnerable. These continuing vulnerabilities leave CNCS operations and assets at risk of unauthorized access, misuse and disruption. Our report offers 34 recommendations to address the identified weaknesses and assist CNCS in strengthening its information security program. Eight of the recommendations relate to prior findings that have not been completely addressed by CNCS.
The CNCS OIG contracted with CLA, LLP to review the controls put into place by the CNCS OIT to secure three internal web applications and associated infrastructure resulting in five recommendations. The objectives were to assess and report any risks that could lead to information technology security incidents, recommend improvements in the operations of the information systems, and identify gaps between the Corporation's current information security posture and industry best practices. CLA found critical application vulnerabilities, missing patches and unsupported software, incorrect documentation, and configuration weaknesses. CLA recommended that CNCS improve its patching effectiveness, update unsupported software, fully remediate configuration weaknesses and noted vulnerabilities, practice secure coding, and update its documentation.
We issued a disclaimer of opinion on the audit the National Service Trust Fund financial statements (Trust financial statements) as of September 30, 2017 and for the year then ended. CNCS was unable to provide adequate evidential matter to support a significant number of transactions and account balances due to inadequate processes and controls to support transactions and estimates, and incomplete records to support transactions in accordance with generally accepted accounting principles. Auditors were unable to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion (disclaimer).
We issued a disclaimer of opinion on the consolidated financial statements of the Corporation for National and Community Service (CNCS) as of September 30, 2017 and for the year then ended. Key audit findings were:
- CNCS was unable to provide adequate evidential matter to support a significant number of transactions and account balances due to inadequate processes and controls to support transactions and estimates, and incomplete records to support transactions in accordance with generally accepted accounting principles. Auditors were unable to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion (disclaimer);
- Four material weaknesses (Financial Reporting; Trust Fund Unpaid Obligations; Trust Service Award Liability Model; Grants Accrual Payable and Advance) and one significant deficiency (Information Technology Security Controls) in CNCS’s internal control over financial reporting;
- No instances of noncompliance with applicable provisions of laws, regulations, contracts, and grant agreements.
Had the scope of the auditors work been sufficient to enable them to express an opinion on the CNCS consolidated financial statements, other material weaknesses or significant deficiencies, or noncompliance or other matters may have been identified and reported.
CNCS did not fully comply with the DATA Act due to weaknesses in its existing financial reporting system (internal control over source systems) and internal control weaknesses within financial reporting, data management, and data reporting processes. CNCS did not submit complete, timely, quality, and accurate financial and award data for the FY 2017 second quarter. The Corporation continues to grapple with the implementation challenges previously reported in the readiness review, as well as new challenges identified by this performance audit.
Serve Washington administered $40,328,621 of AmeriCorps funds during the three years ending September 30, 2016. Serve Washington awarded subgrants to 17 organizations and was responsible for programmatic and financial oversight. No Serve Washington Commission incurred costs were questioned. An agreed-upon-procedures (AUP) did not question incurred costs by Serve Washington Commission.
However, the AUP identified improper and unsupported costs claimed by two subrecipients totaling $511,070 ($140,231 in Federal costs and $230,646 in match costs), plus an additional $136,773 in questioned education awards and $3,420 in accrued interest. The AUP also identified other deficiencies to include: (1) deficiencies with documenting claimed Federal and match costs or to ensure that the costs were allowable; (2) Failure to perform complete National Service Criminal History Checks for grant-funded staff, (3) Failure to accurately record and certify all member timesheet hours; (4) inadequate supervision of members recording teleservice and/or weekend service, and (5) non-compliance with AmeriCorps requirements for member performance evaluations.
Serve Washington concurred with some of the compliance findings. The Corporation will resolve the report’s findings and recommendations.
An agreed-upon procedures review on grant costs incurred by the Volunteer Louisiana Commission (VL) and two of its subgrantees identified questioned costs of $195,993.
The majority of the questioned costs ($194,951) were caused by deficiencies in VL’s and subgrantees’ time keeping systems, and the procedures used to conduct the National Service Criminal History Checks for their staffs. The remaining $1,042 of questioned costs stem from unsupported or unallowable costs charged to the grant. VL concurred with most of the compliance findings. The Corporation will resolve the report’s findings and recommendations.