All Reports

The Federal Information Security Modernization Act of 2014 (FISMA) provides a comprehensive framework for establishing and ensuring the effectiveness of managerial, operational, and technical controls over information technology (IT) that supports Federal operations and assets and provides a mechanism for improved oversight of Federal agency information security programs. FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce IT security risks to an acceptable level. FISMA requires agency program officials, Chief Information Officers (CIO)s, Chief Information Security Officers (CISO)s, senior agency officials for privacy, and inspectors general to conduct annual reviews of the agency’s information security program.

The U.S. President’s Emergency Plan for AIDS Relief (PEPFAR) is a multi-year U.S. Government initiative to address the HIV pandemic. The PEPFAR program is managed and overseen by the U.S. Department of State’s Office of the U.S. Global AIDS Coordinator and Health Diplomacy (OGAC). Congress appropriates PEPFAR funds to the State Department, which OGAC allocates to the Peace Corps and other participating Federal agencies. The Peace Corps Office of Global Health and HIV (OGHH) serves as the primary point of contact for Peace Corps posts, regions, and other headquarter offices regarding PEPFAR operations. The regions and posts are responsible for executing PEPFAR programs in the field, including its programmatic and administrative management. The Peace Corps Office of the Chief Financial Officer (OCFO) is responsible for providing OGHH and the posts with the necessary PEPFAR strategic, technical, and financial guidance. OCFO and OGHH issue the Peace Corps PEPFAR Financial Guidance, which posts use to document how they will request, plan, and execute PEFPAR funding and its programs. Post staff must ensure expenses are correctly applied and distributed between PEPFAR and the Peace Corps’ direct appropriations and maintain the appropriate supporting documentation.The objective of this audit was to determine the basis and justifications for allocating expenses to PEPFAR funds following the global evacuation of Volunteers in March 2020.

On March 18, 2022, the Peace Corps notified the United States Congress that Peace Corps/Morocco (hereafter referred to as “the post”) intended to resume operations in September 2022. The first intake of 51 Volunteers arrived in September 2022. On November 21, 2022, the Office of Inspector General (OIG) announced this review to assess the post’s compliance with specific agency policies and procedures related to Volunteer and trainee health and safety, and the re-entry process.

This required external peer review was conducted in accordance with the Council of the Inspectors General on Integrity and Efficiency (CIGIE) Inspection and Evaluation Committee guidance as contained in the CIGIE Guide for Conducting External Peer Reviews of Inspection and Evaluation Organizations of Federal Offices of Inspector General (December 2020 and December 2021). The peer review was conducted from May 16, 2023 through July 28, 2023.

In March 2021, the Peace Corps shut down its Coordinated Incident Reporting System (CIRS), a repository of historical crime incidents reported by Volunteers, and replaced it with the Security Incident Management System (SIMS). SIMS autopopulates crime incident report links into VIDA (Volunteer Information Database Application) through the agency’s Customer Relationship Management (CRM) platform. During the SIMS data migration, some posts began to identify and assess potential sites for returning Volunteers following the 2020 global evacuation due to the COVID-19 pandemic. OIG raised concerns about whether field staff had access to the historical crime data necessary to assess the safety of reused sites, consistent with site development requirements. We conducted this review to address these concerns .

On August 24, 2021, the Peace Corps notified the United States Congress that Peace Corps/Dominican Republic (hereafter referred to as “the post”) intended to resume operations in December 2021. The first intake arrived in March 2022 with 13 Volunteers, including 2 reinstated Volunteers. On September 29, 2022, the Office of Inspector General announced this review to assess the post’s compliance with specific agency policies and procedures related to Volunteer and trainee health and safety, and the re-entry process.