Office of the Inspector General (OIG)

OIG semi-Annual Report to Congress:
April 1, 2006 -September 30, 2006


Table of Contents


Foreword

The National Archives and Records Administration (NARA) is an agency of approximately 2,900 employees with a budget approaching $340 million. Given NARA's relatively modest size and budget, we are perceived perhaps as just a single thread in the tapestry that constitutes the entire Federal Government. This thread, however, runs the full length and breadth of our nation.

NARA holds records, artifacts, and images that constitute the essential evidence of our democracy, and who we are as Americans. Many of the records amongst our millions of cubic feet of holdings are intrinsically of archival significance; sadly they are also highly marketable if illicitly removed from our holdings. We hold retirees' military and civilian records and other records that contain vast troves of private information that could and have been used for identity theft and other nefarious purposes. NARA maintains extensive holdings of highly classified records including those that are most sensitive to our national security. The high risk of compromise to elements of these holdings requires continual vigilance to ensure proper control of them. We have begun to accession and hold the initial elements of an enormous and growing wave of electronic records that in their digital state are vulnerable to exploitation by persons or entities who gain unauthorized access to them. NARA, as any other agency, also maintains large quantities of assets and enters into major procurements that require audit and investigative oversight to mitigate the potential for fraud.

As the Inspector General, my statutory duty is to provide audit and investigative coverage to this entire agency; detect and report upon waste, fraud, abuse, and mismanagement; and offer recommendations and suggestions designed to bring effectiveness and efficiency of operations to NARA. By accepting the position of Inspector General six years'ago, I accepted this responsibility and sought to secure the capabilities and resources to fully honor this challenge. I have used semiannual reports, budget submissions, and other vehicles to seek additional resources for my office while fully recognizing that NARA is an agency that has serious budget challenges. I invite Congress and the Executive Branch to become more intimately involved in the challenges this office faces as we attempt to honor the provisions of the Inspector General Act passed by Congress and signed into law by the President.

 

Paul Brachfeld
Inspector General

Top of Page


Executive Summary

This is the 36th Semiannual Report to the Congress summarizing the activities and accomplishments of the National Archives and Records Administration (NARA) Office of Inspector General (OIG). A summary of NARA's top challenges is provided under the section titled "Top Ten Management Challenges." The highlights of our major functions are summarized below.

Audits

In this reporting period, the Audit Division continued to examine the security of NARA's Information Technology (IT) systems and assess economy and efficiency of NARA's programs. This work had positive impact upon agency operations and related controls in these critical areas. Recommendations directed to NARA officials will, upon adoption, translate into reduced risk for the agency and increased levels of security and control over NARA's financial assets, programs, and operations.

We issued the following audit reports during the reporting period:

  • Review of NARA's Information Security Program. This audit, which sought to determine whether NARA was making satisfactory progress establishing an information security program that included appropriate controls required by Federal legislation, revealed weaknesses in NARA's (a) network perimeter/firewall security; (b) computer network operating system software and electronic message software; (c) computer security incident response capability; (d) recovery strategy for quickly and effectively restoring mission critical information technology systems after a severe service disruption or disaster; and (e) the security certification and accreditation process. These weaknesses, paired with information security vulnerabilities previously identified and not fully addressed in a fiscal year 2000 audit, result in a material weakness in the current NARA Information Security Program. We made 12 recommendations that, when implemented by management, will assist the agency in establishing an information security program that meets Federal legislation requirements. (Audit Report #06-09, dated August 6, 2009.)

  • Audit of NARA's System Administrator Rights and Control. Our audit, which assessed whether NARA had instituted appropriate controls, oversight, policies, and procedures over system administrator accounts to ensure that NARA'systems and information is properly secured, disclosed that NARA's controls over system administrator accounts were weak and needed immediate improvement. The inadequate controls governing system administrator rights and controls resulted in increased risk of system degradation due to potential mismanagement, human error, or system compromise by persons seeking to harm NARA's servers and infrastructure devices. We made nine recommendations to management to improve NARA's system administrator rights and controls and enhance controls over information technology security. Management concurred with all but one recommendation. (Audit Report #06-11, dated September 27, 2006.)

  • Evaluation of NARA's Affiliated Archives Program. Our review found that while the program meets its intended goal and function, opportunities exist to improve upon and expand the program to provide the American public with even greater access to NARA records. Further, our review disclosed that while NARA has improved management oversight over the program, additional measures can strengthen internal controls to ensure that records are protected from damage and loss. Specifically, our review disclosed that (1) outdated Memorandums of Understanding (MOU) exist that govern the relationships between NARA and the respective affiliates resulting in inconsistent requirements and standards for housing and maintaining holdings at individual affiliates; and (2) with the exception of one of the existing eight affiliated archives, all failed to meet the current NARA Archival Storage Standards. To address this condition, we made six recommendations that, upon adoption, will help ensure that NARA records are protected while improving access through additional partnerships. Management concurred with all but one recommendation. (Audit Report #06-10, dated August 9, 2006.)

  • OIG Monitoring of the Novell Netware/GroupWise Upgrade Project. Our review, which assessed whether the project was meeting cost and schedule requirements and whether management was taking timely action to correct any actual or potential problems with project performance, disclosed that the project was proceeding on schedule. In fact, the migration effort at NARA facilities was scheduled to be completed in less time than originally estimated. As of June 13, 2006, the migration effort was completed at 28.6 percent of NARA facilities. No significant problems were noted.(Audit Report #06-14, dated June 20, 2006.)

  • OIG Monitoring of the Novell Netware/GroupWise Upgrade Project (2nd Report). Our second report on the status of the Novell NetWare/GroupWise Upgrade Project revealed that the project has continued to progress in a satisfactory manner. However, we believe that upgrading the operating system and electronic mail software to version 6.5 constitutes only an interim measure for solving the agency's operating system and electronic mail software problems. This opinion is also shared by Gartner, a large information technology research and advisory firm, which has stated its belief that the Novell Corporation will continue to support the Netware operating system software, version 6.5, only until 2008. At that point, NARA will find itself in the same position that it is currently working to get out of, that is, running obsolete network software. As a result, planning for the next software upgrade is critical and should begin as soon as the current upgrade project is completed.(Audit Report #06-15, dated September 11, 2006.)

Investigations

During this reporting period, the Office of Investigations opened 20 investigations, closed 6 investigations, recovered 12 documents, and executed 4 search warrants. The Office of Investigations received 162 complaints, and closed 156 complaints. There are 20 complaints and 36 investigations that remain open.

The Office of Investigation completed investigations in areas including:

  • Alleged Theft of Indian Records
  • Possession of Illicit Drugs and a Firearm in the National Archives Building
  • Compromise of Classified Material
  • Employee and Contractor Misconduct at the FDR Library
  • Alleged Theft from the Cafe at the National Archives at College Park

We continue to report that an insufficient number of investigative agents continue to adversely impact our ability to perform components of our core mission and provide support to NARA. Furthermore, we remain constrained in our ability to conduct proactive investigative activity and training.

Top of Page


Management Assistance

During the reporting period, the OIG

  • Worked with the Archivist of the United States and his general counsel to resolve issues related to publishing OIG audit reports on the Internet. The OIG continues to work with the general counsel's office and the Archivist on Privacy Act matters as they relate to OIG investigative reports. After consulting with NARA, the OIG endorsed amendments to the Code of Federal Regulations allowing NARA the ability to inspect employees' personal property on-site. The OIG also prepared and forwarded two Freedom of Information Act appeal packages to the Archivist.

  • Entered into a Memorandum of Agreement with NARA's computer security group that allows the OIG's Office of Investigations to use existing equipment in NARA's inventory for computer forensics analysis.

  • Worked with NARA's Designated Agency Ethics Official (DAEO) on various ethics matters.

  • Provided input for NARA's Information Security Program Handbook regarding handling incidents involving classified material, particularly when notification of the OIG is necessary.

  • Continued the OIG's role in the recovery of lost, stolen, and missing holdings at the National Archives. In response to a request from management for comment, the OIG developed a detailed process incorporating NARA management, archival experts, the Office of General Counsel, and the OIG charting the step-by-step process of item recovery from intake to recovery. During this period, NARA Directive 1462, Recovery of Archival Materials, went into effect. To further facilitate this directive, the OIG is in the process of selecting a staff archivist to provide subject-matter expertise throughout the recovery process.

Top of Page


Introduction

About the National Archives and Records Administration

Mission

The National Archives and Records Administration ensures, for the Citizen and the Public Servant, for the President and the Congress and the Courts, ready access to essential evidence.

Background

NARA, by preserving the nation's documentary history, serves as a public trust on which our democracy depends. It enables citizens to inspect for themselves the record of what the Government has done. It enables officials and agencies to review their actions and helps citizens hold them accountable. It ensures continuing access to essential evidence that documents the rights of American citizens, the actions of Federal officials, and the national experience.

Federal records reflect and document America's development over more than 200 years'and are great in number, diverse in character, and rich in information. NARA's traditional holdings amount to 28.4 million cubic feet of records. These holdings include architectural/engineering drawings, maps, and charts; moving images and sound recordings; and photographic images. Additionally, NARA maintains 543,564 artifact items and 10.5 billion logical data records.

NARA involves millions of people in its public programs, which include exhibitions, tours, educational programs, film series, and genealogical workshops. In FY 2006, NARA hosted 3 million museum visitors while responding to 1.2 million written requests from the public. In addition, NARA responded to 10 million Federal agency reference requests, 21,367 Federal agency requests for appointments to review records, and provided records management training to 4,234 individuals. NARA publishes the Federal Register and other legal and reference documents that form a vital link between the Federal Government and those affected by its regulations and actions. Through the National Historical Publications and Records Commission, NARA helps to preserve and publish non-Federal historical documents that also constitute an important part of our national heritage. NARA also administers the Nixon Presidential Materials Project, and 11 Presidential libraries that preserve the papers and other historical materials of all past Presidents since Herbert Hoover.

Resources

In FY 2006, NARA was appropriated an annual budget of approximately $338 million and 2,890 Full-time Equivalents (FTEs), which included appropriations of $283 million for operations, $37 million for the Electronic Records Archive (ERA) program, $9.6 million for repairs and restorations of facilities, and $7.5 million for grants. NARA operations are spread throughout 36 facilities nationwide.

About the Office of Inspector General (OIG)

The OIG Mission

The OIG's mission is to ensure that NARA provides the American people with ready access to essential evidence by providing high-quality, objective audits and investigations, and serving as an independent, internal advocate for economy, efficiency, and effectiveness.

Background

The Inspector General Act of 1978, as amended, established the OIG's independent role and general responsibilities. The Inspector General reports to both the Archivist of the United States and the Congress. The OIG evaluates NARA's performance, makes recommendations for improvements, and follows up to ensure economical, efficient, and effective operations and compliance with laws, policies, and regulations. In particular, the OIG

  • assesses the effectiveness, efficiency, and economy of NARA programs and operations
  • recommends improvements in policies and procedures to enhance operations and correct deficiencies
  • recommends cost savings through greater efficiency and economy of operations, alternative use of resources, and collection actions
  • investigates and recommends legal and management actions to correct fraud, waste, abuse, or mismanagement

Resources

The FY 2006 OIG budget is approximately $2.2 million for operations. The OIG now has 16 FTEs. At full staffing, in addition to the Inspector General and 3 support staff, 7 FTEs are devoted to audits, 4 to investigations, and 1 as counsel to the Inspector General. During the period, one of two vacant audit positions was filled. Currently, the OIG is in the process of hiring another auditor to fill the remaining vacant auditor position. The OIG is seeking additional audit and investigative resources to support the work of this office as defined in the FY 2007 and FY 2008 budget submissions to the Archivist.

Top of Page


Office of Inspector General Activities

Involvement in the Inspector General Community

President's Counsel on Integrity and Efficiency (PCIE) and Executive Counsel on Integrity and Efficiency (ECIE) Legislation Committee. The IG served as one of two ECIE representatives to the Legislation Committee. The Legislation Committee assists the IG community in effectively carrying out its duties as specified in Executive Order 12085. In particular, these responsibilities are to identify, review, and discuss areas of weakness and vulnerability in Federal programs; conduct operations to uncover fraud, waste, and abuse; and develop plans for coordinated, Government-wide activities that address these problems and promote economy and efficiency in Federal programs and operations.

Council of Counsels to Inspectors General (CCIG). The OIG counsel participated in meetings of the CCIG and communicated regularly with fellow members. Multiple topics were raised, discussed, and addressed including independence of inspectors general, control of OIG-generated reports, authority to publish audit reports and respond to Freedom of Information Act requests for Reports of Investigation, and how to appropriately respond to congressional inquiries from either the chairman or ranking committee member.

Federal Audit Executive Council (FAEC). The Assistant Inspector General for Audits (AIGA) continued to serve as an ECIE representative to the FAEC. During the period, the AIGA attended FAEC's meeting to discuss topics such as financial statement audit issues, revisions to the PCIE External Peer Review Guide, opinion reports on internal controls, and information security.

President's Counsel on Integrity and Efficiency and Executive Counsel on Integrity and Efficiency Investigations Advisory Subcommittee. The Assistant Inspector General for Investigations (AIGI) participated in meetings of the Investigations Advisory Subcommittee and communicated regularly with fellow members. During the period, numerous topics were raised, discussed, and addressed including law enforcement officers flying armed, Inspector General Academy training, undercover operations policy, peer reviews, and scope of law enforcement authorities.

Response to Congressional Items

Federal Information Security Management Act (FISMA) of 2006. Together with the NARA Chief Information Officer (CIO) and the Senior Agency Official for Privacy (SAOP), the OIG provided the Office of Management and Budget the 2006 Annual Security Review report pursuant to the Federal Information Security Management Act of 2002 (FISMA). FISMA requires Federal agencies to take a risk-based, cost-effective approach to secure the agency-wide information and systems, identify and resolve IT security control weaknesses, and protect agency resources against future vulnerabilities and threats. FISMA lays out a framework that is further specified by National Institute of Standards and Technology publications for risk-based controls, testing, and evaluation. Under this guidance, the Federal Government is able to quantitatively determine IT security control progress and problems. This information is essential to ensuring that remediation efforts and IT resources are prioritized, properly included in the budget, and result in timely resolution of IT security weaknesses.

We noted that many of the control weaknesses noted in Fiscal years'2004 and 2005 continue to persist as of the Fiscal Year 2006 reporting period. Most notably, the control weaknesses surrounding 1) updated system security plans; 2) plans of action and milestones for each system and for the agency as a whole; 3) contingency plans and contingency plan testing; 4) configuration policy; 5) annual system testing and evaluation; and 6) failure to complete Privacy Impact assessments for all systems identified as needing one.

Inventory of Commercial Activities. We submitted to OMB our FY 2006 inventory of commercial activities performed by OIG employees. The Federal Activities Inventory Reform Act of 1998, Pub. L. 105-270 (the FAIR Act), requires Federal agencies to prepare and submit to OMB, by June 30 of each year, inventories of their commercial activities performed by Federal employees. OMB is required to review each agenc's inventory and consult with the agency regarding its content. Upon completion of the review and consultation, OMB is required to list the available inventories in the Federal Register, and the agency head must transmit a copy of the inventory to the Congress and make it available to the public. NARA forwarded its FY 2006 inventory to OMB and published it to the NARA website during this reporting period.

Federal Managers' Financial Integrity Act (FMFIA). Each year under the Federal Managers' Financial Integrity Act (FMFIA), the Archivist is required to report to the President on the adequacy and effectiveness of internal controls in NARA's programs and administrative activities. To create this report, the Archivist relies on assurance statements from each NARA office and OIG review.

The OIG does not agree with NARA's decision to reflect existing material weaknesses identified in the agency's Preservation Program and Information Security Program as reportable conditions in NARA's FY 2006 FMFIA Assurance Statement letter to the President. We disagree with the letter because in our view it does not accurately reflect the state of management controls and material risks identified by OIG.

Top of Page


Audits

Overview

This period, we issued:

  • 3 final audit reports
  • 2 advisory reports

We completed fieldwork on the following assignment:

  • an audit of high-valued items to determine if management controls are adequate for properly safeguarding specially protected records and artifacts stored in secured stacks, vaults, and safes.
  • an audit of Suitability Determination of Contract Employees to assess controls over contractor employment suitability.
  • an audit of NARA's Hurricane Katrina Related Mission Assignments to determine the effectiveness and efficiency of the Department of Homeland Security mission assignment process.

We also continued work on the following assignments:

  • an audit of NARA Enterprise Architecture to determine if NARA has established and is managing its enterprise architecture in accordance with Federal best practices.
  • a review of the Processing of Records Accessioned into NARA to determine whether established controls provide adequate assurance that archival records transferred to NARA are made available to the public in a timely manner.

Audit Summaries

Review of NARA's Information Security Program

The overall objective of our review was to determine if the National Archives and Record Administration is making satisfactory progress establishing an information security program that includes appropriate controls required by federal legislation. Specifically, we sought to determine whether or not NARA (a) has up-to-date, documented security policies; (b) has documented procedures and controls to implement the policies; (c) has implemented the security procedures and controls, and reinforced them through training; (d) routinely tests and reviews the adequacy and effectiveness of its procedures and controls; and (e) has successfully integrated the policies, procedures, and controls into a comprehensive security program that is an integral part of its organizational culture.

Our review revealed that (a) NARA's network perimeter/firewall security needs improvement; (b) the agency's computer network operating system software and electronic message software do not ensure a secure computing environment for the agency's computer network users; (c) NARA officials have not established a 24-hours-per-day/7-days-per-week computer security incident response capability; performed any testing to ensure that the computer incident response team will function in the most efficient and effective manner possible; or conducted post incident activities in accordance with the guidance in National Institute of Standards and Technology Special Publication 800-61, Computer Security Incident Handling Guide, and the NARA Computer Security Incident Handling Guide; (d) in the area of contingency planning, NARA's recovery strategy for quickly and effectively restoring its mission critical IT systems after a severe service disruption or disaster is inadequate; contingency plans were not prepared for two of NARA's IT systems; the NH Disaster Recovery Plan was inadequate (i.e., critical information was missing from the plan) and, of 28 mission critical and non-mission critical IT systems reviewed, none had a plan for testing its contingency plan, nor had any testing been accomplished; and (e) improvement is needed in NARA's security certification and accreditation process, specifically, the preparation, maintenance, and update of system security plans; preparation of plans of action and milestones; and tasks associated with the continuous monitoring process.

We made 12 recommendations that, when implemented by management, will assist the agency in establishing an information security program that meets the Federal Information Security Management Act and the National Institute of Standards and Technology requirements, and will eliminate the need to report information security as a material weakness in the FMFIA report. Management concurred with two recommendations, partially concurred with two recommendations, and nonconcurred with eight recommendations in the report. The report is currently being reviewed by the Archivist of the United States. (Audit Report #06-09, dated August 9, 2006.)

Audit of NARA's System Administrator Rights and Controls

The Office of the Inspector General (OIG) performed an audit of the NARA's system administrator rights and controls. The audit was designed to determine whether the appropriate controls, oversight, policies, and procedures are implemented over system administrator accounts in order to ensure that NARA'systems and information are properly secured and reasonably controlled. System administrator rights and controls exist to ensure that only legitimate system administrators can perform operations critical to controlling rights among other programs and users.

Our audit revealed that NARA's controls over system administrator accounts were weak and needed immediate improvement. The inadequate controls governing system administrator rights and controls result in increased risk of system degradation due to potential mismanagement, human error, or system compromise by persons seeking to harm NARA's servers and infrastructure devices.

Specifically, we noted weaknesses governing the removal of previously disabled system administrator accounts; the enforcement of NARA password policies for system administrator passwords; users having root access on some servers; system logs, including the lack of logging, ineffective log parameters, log overwrites, inconsistent log sizes, and logs not backed up or saved; the number of system administrators on servers; the ability of system administrators to create an access control list of users and their rights for review as directed by the NARA Technical Controls IT Handbook; the process of ensuring that system administrators have a user level account in addition to their administrator account; and the policies and procedures governing field sites and the related systems administration.

We made nine recommendations to improve NARA's system administrator rights and controls and enhance controls over information technology security. Management agreed with all but two recommendations and initiated corrective action. (Audit Report #06-11, dated September 27, 2006.)

Evaluation of NARA's Affiliated Archives Program

NARA's affiliated archives, through formal Memorandums of Understanding (MOUs), agree to house, maintain, and service NARA records in accordance with pertinent Federal laws and appropriate NARA regulations and archival and facility standards. The affiliates are responsible for all costs for establishing and maintaining the records and archival facility.

The dual purpose of the audit was to determine whether (1) the Affiliated Archives Program is meeting its intended goal and function, and (2) affiliate archives participants were complying with management controls and ensuring that NARA records were properly accounted for and appropriately secured.

While conducting the review, the auditors determined that while the Affiliated Archives Program is meeting its intended goal and function to a measured degree, opportunities exist to improve upon and expand the program to provide the American public with even greater access to NARA records. The evaluation also identified that while NARA has improved management oversight over the Affiliated Archives Program, opportunities exist to strengthen internal controls to ensure that records are protected from damage and loss. Specifically, the review disclosed two critical conditions that adversely impacted the program.

  • Outdated MOUs govern the relationships between NARA and the respective affiliates. Individual affiliates are held to inconsistent requirements and standards for housing and maintaining holdings.

  • With the exception of one of the existing eight affiliated archives, all failed to meet the current NARA Archival Storage Standards.

To address the discovered conditions, the report contained six recommendations that, upon adoption, will help ensure that NARA records are protected while improving access through additional partnerships. Management concurred with all but one recommendation and began corrective action. (Audit Report #06-10, dated August 9, 2006.)

OIG Monitoring of the Novell Netware/GroupWise Upgrade Project

The purpose of this effort was to advise the Archivist of the status of the Novell NetWare/GroupWise Upgrade Project. Specifically, we assessed whether the project was meeting cost and schedule requirements, and management was taking timely action to correct any actual or potential problems with project performance.

Our monitoring effort consisted of reviewing applicable project documentation, including the Daily Summary Reports, Weekly Status Reports, Work Breakdown Structure, and Implementation Schedule. We also reviewed the NetWare/GroupWise 2006 Product Plan; NetWare 6.5 Upgrade Project Plan, Information Technology Support Services (ITSS) contract modification no. 25, Software Upgrade, dated April 27, 2006; and the Technical Direction Letter no. FY05-TDL-04: Completion of the NetWare/GroupWise Upgrade Project, dated May 25, 2005.

We reported that the Novell NetWare/GroupWise Upgrade Project was proceeding on schedule. In fact, the migration effort at the NARA facilities was scheduled to be completed in less time than originally scheduled. According to ITSS contract modification no. 25, the effort was scheduled to begin on March 6, 2006, and be completed on October 31, 2006. Subsequently, the scheduled completion date was changed to October 27, 2006, a reduction of four days.

In addition, it was our opinion that the upgrade project had encountered no major problems with performance or technical issues. As of June 13, 2006, there were three unresolved issues that were being addressed by project personnel. Because the report was advisory in nature, we made no recommendations for corrective action. (Advisory Report # 06-14, dated June 20, 2006.)

OIG Monitoring of the Novell Netware/GroupWise Upgrade Project (2nd Report)

The purpose of this effort was to advise the Archivist of the status of the Novell NetWare/GroupWise Upgrade Project. Specifically, we assessed whether the project was meeting cost and schedule requirements, and management was taking timely action to correct any actual or potential problems with project performance.

Our monitoring effort consisted of reviewing applicable project documentation, including the Daily Summary Reports, Weekly Status Reports, Work Breakdown Structure, and Implementation Schedule. We also reviewed the NetWare/GroupWise 2006 Product Plan; NetWare 6.5 Upgrade Project Plan, Information Technology Support Services (ITSS) contract modification no. 25, Software Upgrade, dated April 27, 2006; and the Technical Direction Letter no. FY05-TDL-04: Completion of the NetWare/GroupWise Upgrade Project, dated May 25, 2005.

In this second advisory report informing the Archivist of the status of the Novell NetWare/GroupWise Upgrade Project, we reported that, based on efforts expended by NARA and contractor personnel to upgrade NARA's computer network operating system and electronic mail software, the project continued to progress in a satisfactory manner. In fact, it appeared that the project, which had encountered no major technical problems, would be completed ahead of the scheduled completion date of October 31, 2006. Efforts were underway at the last two NARA facilities, Archives I and St. Louis (Military Personnel Records), to upgrade the Novell software.

We also reported that that upgrading the operating system and electronic mail software to version 6.5 constituted only an interim measure for solving the agency's operating system and electronic mail software problems. It is believed that the Novell Corporation will continue to support the Netware operating system software, version 6.5, only until 2008. At that point, NARA will find itself in the same position that it is currently working to get out of, that is, running obsolete network software. As a result, planning for the next software upgrade is critical and should begin as soon as the current upgrade project is completed. Because the report was advisory in nature, we made no recommendations for corrective action. (Advisory Report # 06-15, dated September 11, 2006.)

Top of Page


Investigations

Closed Investigation Highlights

Possession of Illicit Drugs and a Firearm at Archives I

In February 2006, an anonymous complainant reported that a contract employee was holding illegal drugs and a firearm in a locker at the National Archives Building. A lawful search of the locker resulted in the discovery of two plastic baggies of marijuana within a camouflage jacket known to be worn by the contract employee. Several documents containing the contractor's name and Social Security Number were also found in the locker. No firearms or ammunition were discovered during the search. The contract employee was immediately deemed unsuitable, removed from the contract and barred from the facility. The DC U.S. Attorney's Office declined prosecution.

A NARA Employee and a Security Guard at FDR Presidential Library Engaged in Inappropriate Conduct at the Library During Work Hours

In April 2006, interviews of contract guards at NLFDR concerning a different investigation, suggested a NLFDR employee had sexual contact with a contract guard on multiple occasions during duty hours in the NLFDR auditorium. The investigation substantiated that the NLFDR employee did have sexual contact with the contract guard in the library one or two times per week from approximately April 2004 to October 2005. The NLFDR employee subsequently resigned her position in lieu of potential termination. The contract guard was deemed unsuitable and removed from the contract.

Compromise of Classified Material

In March 2006, the Office of Inspector General was notified that a NARA employee had received a classified e-mail attachment via an unsecured NARA e-mail production server. The investigation established that an Executive Office of the President employee unknowingly sent a classified e-mail attachment to the NARA employee resulting in it subsequently being stored on an unsecured NARA e-mail production server located at AII. The classified information was immediately recognized and deleted from the NARA user's e-mail account. Any potential remnants of e-mail were subsequently deleted from the production server without any apparent compromise.

Investigation Updates

Mishandling and Improper Investigation of a Theft of Classified Documents

In the first quarter of FY 2006, an investigation concerning the mishandling and improper investigation relating to the viewing and theft of classified documents by former National Security Advisor Samuel R. Berger was completed and referred to the U.S. Department of Justice and the U.S. Archivist for action. The Department of Justice declined prosecution in lieu of administrative action. The investigation determined that Berger was provided highly classified materials in an unauthorized setting on multiple occasions, and that NARA failed to report the theft of the classified materials to the OIG or any other law enforcement entity before conducting an improper investigation of the incident. Previously, Berger was charged with one count of 18 U.S.C. § 1924: Unauthorized Removal and Retention of Classified Material, a Class A Misdemeanor, and sentenced to 2 years'probation, 100 hours community service, a $50,000 fine, and no access to classified information for a period of 3 years'. Update: In June 2006, the Archivist acted to take internal administrative actions in response to the OIG report of investigation.

Threat Against NARA Employees

In May 2005, a NARA employee threatened the lives of two co-workers with a box cutter. In June 2005, the individual was removed from employment. This case is being prosecuted by the State of Missouri. The Office of Investigations is working with the Department of Homeland Security, Federal Protective Service. In August 2005, the individual entered a plea of not guilty. In December 2005, the employee again entered a plea of not guilty. Update: In June 2006, the subject received a sentence of five years'probation with a suspended imposition of sentence (deferred adjudication).

Compromise of CMRS and PERL Servers

The National Archives and Records Administration Intrusion Detection System reported an attempt by a remote computer to exploit a known Windows vulnerability to upload an exploit to the Case Management Reporting System (CMRS-02) server. Subsequently, the entire CMRS network was affected by the exploit. The investigation showed that both the CMRS-02 server and the Presidential Electronic Records Library (PERL) server named "WJC-CDSS" were compromised. The exploit gave the intruders full administrative rights and access to both of these servers and to the 11 computer workstations that were also compromised in this attack. Although direct evidence of data exfiltration from either server was not found, the level of access granted to the intruders and the trust relationships between the compromised servers and computers allowed circumvention of internal controls so that proprietary data exfiltration cannot be definitively ruled out. Update: This case is pending a prosecutive decision.



OIG HOTLINE

The OIG Hotline provides a prompt, effective, and confidential channel for reporting fraud, waste, abuse, and mismanagement to the OIG. In addition to receiving telephone calls at a toll-free Hotline number and letters to the Hotline post office box, we also accept email communication from NARA's internal network or the Internet through the Hotline email system. Walk-ins are always welcome.

The Investigative Division promptly and carefully reviews calls, letters, and e-mail to the Hotline. We investigate allegations of suspected criminal activity or civil fraud and conduct preliminary inquiries on noncriminal matters to determine the proper disposition. Where appropriate, referrals are made to the OIG Audit Staff or to NARA management.

The following table summarizes Hotline activity for this reporting period:

Cases Opened* 19
Referred Outside the OIG 82
Closed to File 41
Closed from Last Reporting Period 17
Pending 20
TOTAL HOTLINE CONTACTS 162

*Cases included in investigative workload statistics.

Top of Page


Top Ten Management Challenges

Under the authority of the Inspector General Act, the NARA OIG conducts and supervises independent audits, investigations, and other reviews to promote economy, efficiency, and effectiveness and prevent and detect fraud, waste, and mismanagement. To fulfill that mission and help NARA achieve its strategic goals, we have aligned our programs to focus on areas that we believe represent the agency’s most significant challenges. We have identified those areas as NARA's top ten management challenges. These challenges are listed below.

1. Electronic Records Archives (ERA)

NARA's challenge is to build a system that will accommodate past, present, and future formats of electronic records. By September 2007, NARA plans to have initial operating capability for ERA with planned incremental improvements that will eventually result in full system capability. The challenge will be to deliver and maintain a functional ERA system that will preserve electronic records for as long as needed.

2. Electronic Records Management (ERM)

NARA directs the Electronic Records Management (ERM) initiative, one of 24 Government-wide initiatives. The ERM initiative will provide guidance to agencies in managing and transferring to NARA, in an increasing variety of data types and formats, their permanent electronic records. NARA and its Government partners are challenged with determining how to manage electronic records, and how to make ERM and e-Government work more effectively.

3. Improving Records Management

NARA's mission is to ensure that Federal officials and the American public have ready access to essential evidence. NARA must work with Federal agencies to make scheduling, appraisal, and accessioning processes more effective and timely. The challenge is how best to accomplish this component of our overall mission and identify and react to agencies with critical records management needs.

4. Information Technology Security

The authenticity and reliability of our electronic records and information technology systems are only as good as our IT security infrastructure. Each year, the risks and challenges to IT security continue to evolve. NARA must ensure the security of its data and systems or risk undermining the agency's credibility and ability to carry out its mission.

5. Expanding Public Access to Records

In a democracy, the records of its archives belong to its citizens. NARA's challenge is to more aggressively inform and educate our customers about the services we offer and the essential evidence to which we can provide access. Of critical importance is NARA's role in ensuring the timeliness and integrity of the process of declassifying classified material held at NARA.

6. Meeting Storage Needs of Growing Quantities of Records

NARA-promulgated regulation 36 CFR Part 1228, "Disposition of Federal Records," Subpart K, "Facility Standards for Records Storage Facilities," requires all facilities that house Federal records to meet defined physical and environmental requirements by FY 2009. NARA's challenge is to ensure compliance with these regulations internally as well as by other agencies that house Federal records.

7. Preservation Needs of Records

The Archivist has identified preservation as a material weakness under the Federal Managers' Financial Integrity Act (FMFIA) reporting process. NARA cannot provide public access to records to support researchers needs unless it can preserve them for as long as needed. As in the case of our national infrastructure (bridges, sewer systems, etc.), NARA holdings grow older daily and are degrading. NARA is challenged to address this condition and related challenges.

8. Improving Financial Management

By inclusion under the Accountability of Tax Dollars Act of 2002, NARA is required to prepare audited financial statements in compliance with prescribed standards, subject to independent audit. NARA's challenge is to present timely, accurate, and useful financial information for making day-to-day operating decisions; supporting results-oriented management approaches; and ensuring accountability on an ongoing basis.

9. Physical Security

The Archivist has identified security of collections as a material weakness under the FMFIA reporting process. NARA must maintain adequate levels of security to ensure the safety and integrity of persons and holdings within our facilities. This is especially critical in light of the new realities that face this nation, post-September 11, and the risks that our holdings may be pilfered, defaced, or destroyed by fire or other natural disasters.

10. Strengthening Human Capital

The GAO has identified human capital as a Government-wide high risk. NARA's challenge is to adequately assess its human capital needs in order to effectively recruit, retain, and train people with the technological understanding and content knowledge that NARA needs for future success.

Top of Page


Reporting Requirements

STATISTICAL SUMMARY OF INVESTIGATIONS
Investigative Workload
Complaints received this reporting period 162
Cases pending at the beginning of the reporting period 26

Cases opened this reporting period

20

Cases closed this reporting period

10

Cases carried forward this reporting period

36

Categories of Closed Investigations

Fraud

0

Conflict of Interest

0

Contracting Irregularities

0

Misconduct

1

Larceny (theft)

2

Torts

0

Other

3

Investigative Results

Cases referred - Accepted for prosecution

0

Cases referred - Declined for prosecution

2

Cases referred - Pending prosecutive decision

1

Arrests

0

Indictments and informations

0

Convictions

1

Fines, restitutions, and other civil and administrative recoveries

0

NARA holdings recovered

12

Administrative Remedies

Employee(s) terminated

1

Employee(s) resigned in lieu of termination

1

Employee(s) suspended

0

Employee(s) given letter of reprimand/warned/counseled

4

Employees taking a reduction in grade in lieu of administrative action

0

Contractor (s) removed

3

 

Requirement 5(a)(6)
LIST OF REPORTS ISSUED
Report No. Title Date Questioned Costs Un-supported Costs Funds Put to Better Use
06-09 Review of NARA's Information Security Program 08/09/2006 0 0 0
06-10 Evaluation of NARA's Affiliated Archives Program 08/09/2006 0 0 0
06-11 Audit of NARA's System Administrator Rights and Controls 09/27/2006 0 0 0
06-14 OIG Monitoring of the Novell Netware/GroupWise Upgrade Project 06/20/2006 0 0 0
06-15 OIG Monitoring of the Novell Netware/GroupWise Upgrade Project (2nd Report) 09/11/2006 0 0 0


AUDIT REPORT(S) WITH QUESTIONED COSTS

Category

Number of
Reports
DOLLAR VALUE

Questioned
Costs
Unsupported
Costs

A. For which no management decision has been made by the commencement of the reporting period

1

$236,335

$0

B. Which were issued during the reporting period

$0

$0

$0

Subtotals (A + B)

1
$236,335
$0

C. For which a management decision has been made during the reporting period

0
$0
$0

(i) dollar value of disallowed cost

0
$0
$0

(ii) dollar value of costs not disallowed

0

$0

$0

D. For which no management decision has been made by the end of the reporting period

1
$236,335
$0

E. For which no management decision was made within 6 months

1

$236,335

$0

 

Requirement 5(a)(9)
AUDITS REPORTS WITH RECOMMENDATIONS THAT FUNDS
BE PUT TO BETTER USE
CATEGORY NUMBER
DOLLAR VALUE

A. For which no management decision has been made by the commencement of the reporting period

0 $0

B. Which were issued during the reporting period

0 0

Subtotals (A + B)

0
0

C. For which a management decision has been made during the reporting period

0
0

(i) dollar value of recommendations that were agreed to by management

0
0

Based on proposed management action

0
0

Based on proposed legislative action

0
0

(ii) dollar value of recommendations that were not agreed to by management

0
0

D. For which no management decision has been made by the end of the reporting period

0
0

E. For which no management decision was made within 6 months of issuance

0
0

secutor

REQUIREMENT

CATEGORY SUMMARY

5(a)(3)

Prior significant recommendations unimplemented

None

5(a)(4)

Summary of proial referrals

None

5(a)(5)

Information or assistance refused

None

5(a)(10)

Prior audit reports unresolved

None

5(a)(11)

Significant revised management decisions

None

5(a)(12)

Significant revised management decisions with which the OIG disagreed

None

Top of Page

PDF files require the free Adobe Reader.
More information on Adobe Acrobat PDF files is available on our Accessibility page.

Office of the Inspector General (OIG) >

The U.S. National Archives and Records Administration
1-86-NARA-NARA or 1-866-272-6272

.