Federal auditors, faced with evaluating issues like the strength of an agency’s cybersecurity, are struggling to keep pace with a rapidly advancing technological climate, the Association of Government Accountants’ 2015 Inspector General Survey found.
Released Friday by AGA, the member organization for financial professionals in government, and accounting firm Kearney & Company, the report compiles the responses of inspectors general in numerous federal agencies to a 66-question survey on issues like budget, data analytics and IT.
“There is need for a comprehensive reexamination of the audit and reporting requirements placed upon the IGs, with consideration given to providing flexibility as to the frequency of these audit and reporting requirements,” the report states. “It has been a challenging year for the IG community.”
Created in 1978 by the Inspector General Act, the 73 IG offices across the federal government are charged with the independent oversight of their respective agencies, preventing fraud and law violation as well as ensuring efficiency in all operations. The advent of new considerations like cybersecurity has increased the auditing burden of IG offices and further stretched declining budgets.
According to the survey, many IGs complain that their resources are spread thin as a result of broad audit mandates in the 2014 DATA Act, which requires them to perform general audits — such as conference spending reviews and travel card monitoring — that may not be relevant to their agencies. More than half of IGs reported spending at least 20 percent of their budget on mandatory audits, while 13 percent spent more than 40 percent on the investigations. Opponents of these audits argue that the resources could be better spent elsewhere; more than half of surveyed IGs said they would devote any additional budget toward cybersecurity audits.
Another barrier to efficient auditing is a law preventing IGs from sharing data across offices.
“IGs felt technological advances that enable data analytics on a broad scale were key to more efficient, effective oversight,” the report states. “This type of data analytics enables OIGs to identify anomalies and predict risk areas where fraud may occur.”
The Computer Matching and Privacy Protection Act of 1988 prevents government offices from examining federal data sets they did not collect. Although offices can procure certain records across agencies, the process is lengthy and typically prevents IG offices from compiling data sets which could aid them in identifying law-breakers.
The issue is amplified by falling staff numbers: 45 percent of IGs indicate their offices have shrunk since 2012, while 32 percent have remained stable.
“Declining resources and increased mandates have challenged the IGs’ flexibility to address risks,” the report states.
The report formulates a number of recommendations for IGs to enhance their capabilities, including the stimulation of greater collaboration across the federal IG community as well as the prioritization of budgets. The larger issue at hand, though, is the regulation that IGs perceive as stymieing their operations. The report calls on the federal government to refresh its “one-size-fits-all” approach to auditing and open up avenues for IG offices to access data while simultaneously protecting citizen privacy.