Laws & Regulations

Report: EPA Improved Its National Security Information Program, but Some Improvements Still Needed

Report #16-P-0196, June 2, 2016. The EPA will continue to improve its national security information program by completing information classification guides that can be used uniformly and consistently throughout the agency.

Report: EPA Needs Better Data, Plans and Tools to Manage Insect Resistance to Genetically Engineered Corn

Report #16-P-0194, June 1, 2016. Bt crops have reduced insecticide applications by 123 million pounds. The EPA can preserve this significant public benefit through enhanced monitoring and preparation to address insect resistance in Bt corn.

Report: EPA Region 9 Needs to Improve Oversight Over American Samoa Consolidated Cooperative Agreements

Report #16-P-0181, May 23, 2016. EPA needs to enhance its internal controls over the more than $68 million in consolidated cooperative agreement funds for American Samoa.

Report: Significant Data Quality Deficiencies Impede EPA’s Ability to Ensure Companies Can Pay for Cleanups

Report #16-P-0126, March 31, 2016. Management Alert. Environmental and extensive financial risks exist from the EPA's failure to have accurate and complete data to monitor and ensure compliance with RCRA and CERCLA financial assurance requirements.

Report: EPA’s Tracking and Reporting of Its Conference Costs Need Improvement

Report #16-P-0081, January 7, 2016. Accurate data on conference costs will provide the EPA with the information it needs to be more efficient in how funds are spent.

Report: The EPA Could Improve Its Review of Drinking Water State Revolving Fund Programs to Help States Assist Disadvantaged Communities

[Paste Description here]

Report: The EPA’s Vulnerability Tracking and Remediation and Information Technology Procedures Review Processes Are Implemented Inconsistently

[Paste Description here]

Report: Report of Investigation: Katherine A. Lemos, Former Chairperson and Chief Executive Officer, U.S. Chemical Safety and Hazard Investigation Board

[Paste Description here]

Report: Pesticide Registration Fee, Vulnerability Mitigation and Database Security Controls for EPA’s FIFRA and PRIA Systems Need Improvement

Report #19-P-0195, June 21, 2019. Proper vulnerability testing, fee registration and database controls are essential to the security of the EPA's FIFRA and PRIA systems.

Report: EPA Complied with Improper Payments Legislation but Stronger Internal Controls Are Needed

Report #19-P-0163, May 31, 2019. Improvements to processes for preventing and detecting improper payments will result in better use of funds for environmental and supporting programs.

Report: Audit of Financial Statements for EPA’s Hazardous Waste Electronic Manifest System Fund From Inception (October 5, 2012) to September 30, 2014

Report #16-F-0251, August 1, 2016. We found the fund’s financial statements to be fairly presented and free of material misstatement.

Report: EPA's Financial Oversight of Superfund State Contracts Needs Improvement

Report #16-P-0217, June 27, 2016. With improved financial oversight, the EPA may manage SSCs more effectively, report results more accurately, and increase the availability of funds for cleanups protecting public health.

Report: EPA Must Improve Oversight of State Enforcement

Report #12-P-0113, December 9, 2011. EPA does not administer a consistent national enforcement program.

Report: CSB's Information Security Program Is Defined, but Improvements Needed in Risk Management, Identity and Access Management, and Incident Response

Report #20-P-0077, February 12, 2020. The CSB lacks documented procedures to address information technology risks and threats from cybersecurity incidents.

Report: EPA Adequately Managed Hurricane Harvey Funding Received from FEMA

Report #20-P-0010, October 23, 2019. The EPA had policies and procedures in place for efficient and effective management of over $11 million in FEMA Disaster Relieve Funding for the Hurricane Harvey response.

Report: Region 4 Quickly Assessed Water Systems After Hurricane Irma but Can Improve Emergency Preparedness

Report #20-P-0001, October 7, 2019. EPA staff training with state partners and development of standard operating procedures could improve emergency response.

Report: EPA Region 6 Quickly Assessed Water Infrastructure after Hurricane Harvey but Can Improve Emergency Outreach to Disadvantaged Communities

Report #19-P-0236, July 16, 2019. Enhancements to environmental justice outreach efforts during emergencies could improve the public health protections of communities impacted by hurricanes or other disasters.

Report: Insufficient Practices for Managing Known Security Weaknesses and System Settings Weaken EPA's Ability to Combat Cyber Threats

Report #19-P-0158, May 21, 2019. Missing POA&M data and incorrect security settings limit the EPA's ability to manage enterprise risk and strengthen its security procedures.

Report: CSB Still Needs to Improve Its 'Incident Response' and 'Identity and Access Management' Information Security Functions

Report #19-P-0147, May 9, 2019. The CSB lacks established procedures for automated processes and authentication technologies, which could permit unauthorized access to agency systems.

Report: EPA Consistently Implements Processes Within Its Information Security Program, but Opportunities for Improvement Exist

Report #19-P-0058, January 30, 2019. Further improvements are needed to strengthen internal processes to better protect human health and environmental data from cybersecurity threats.