Executive
Waste of the Day: $11 Million EPA Program Lacks IT Control; Ex-Employees Still Had Access to Database
The Environmental Protection Agency spent $11 million on a key database that lacks proper security, allowing former staff to access it.
The U.S. Environmental Protection Agency doesn’t have proper systems security in place, allowing former employees to access one of the databases for an $11 million program, according to a report from its Office of Inspector General.
The EPA Inspector General conducted an audit of its Integrated Risk Information System database to determine if it adheres to federal and agency access control requirements, finding that it didn’t. That program “is a chemical evaluation program under the Office of Research and Development and is a critical component of the EPA’s capacity to support scientifically sound environmental regulations and policies,” according to the report. “The program supports the EPA’s mission to protect human health and the environment by identifying and characterizing the health hazards of chemicals found in the environment.”
The EPA’s Office of Research and Development operated with a $574.4 million budget in FY 2023, with an estimated $11.3 million allocated to the program. Agency personnel estimated $127,000 of the program’s budget was used for its database application, the report found.
The Inspector General found that information technology access management for the database did not adhere to federal and agency IT access control requirements.
It found that 64% percent of the database general user accounts had access to the application “without a legitimate business need,” including having the accounts of two former employees remain active for eight months after they separated from the EPA.
The EPA also didn’t implement password configurations for database server accounts, “which caused inactive accounts to remain in an active status for an unlimited time frame, use the same password an unlimited amount of time, and reuse a password sooner than allowed.”
The audit found that the EPA ran the database without being included or identified in a system security plan that would ensure that the system’s security met federal standards.
The agency skipped basic security steps that even Gmail users must participate in, let alone people with access to federal government databases worth $11 million.
The #WasteOfTheDay is brought to you by the forensic auditors at OpenTheBooks.com.
This article was originally published by RealClearInvestigations and made available via RealClearWire.
Adam Andrzejewski (say: Angie-eff-ski) was the CEO/founder of OpenTheBooks.com. Before dedicating his life to public service, Adam co-founded HomePages Directories, a $20 million publishing company (1997-2007). His works have been featured on the BBC, Good Morning America, ABC World News Tonight, C-SPAN, The Wall Street Journal, The New York Times, USA Today, FOX News, CNN, National Public Radio (NPR), Forbes, Newsweek, and many other national media.
Today, OpenTheBooks.com is the largest private repository of U.S. public-sector spending. Mission: post "every dime, online, in real time." In 2022, OpenTheBooks.com captured nearly all public expenditures in the country, including nearly all disclosed federal government spending; 50 of 50 state checkbooks; and 25 million public employee salary and pension records from 50,000 public bodies across America.
The group's aggressive transparency and forensic auditing of government spending has led to the assembly of grand juries, indictments, and successful prosecutions; congressional briefings, hearings, and subpoenas; Government Accountability Office (GAO) audits; Congressional Research Service (CRS) reports; federal legislation; and much more.
Our Honorary Chairman - In Memoriam is U.S. Senator Tom Coburn, MD.
Andrzejewski's federal oversight work was included in the President's Budget To Congress FY2021. The budget cited his organization by name, bullet-pointed their findings, and footnoted/hyperlinked to their report.
Posted on YouTube, Andrzejewski's presentation, The Depth of the Swamp, at the Hillsdale College National Leadership Seminar 2020 in Naples, Florida received 3.8 million views.
Andrzejewski has spoken at the Columbia School of Journalism, Harvard Law School and the law schools at Georgetown and George Washington regarding big data journalism. As a senior policy contributor at Forbes, Adam had nearly 20 million pageviews on 206 published investigations. In 2022, investigative fact-finding on Dr. Fauci's finances led to his cancellation at Forbes.
In 2022, Andrzejewski did 473 live television and radio interviews across broadcast, major cable platforms, and radio shows. Andrzejewski is the author of The Waste of the Day column at Real Clear Policy. The column is syndicated by Sinclair Broadcast Group, owners of nearly 200 ABC, NBC, CBS, and FOX affiliates across USA.
Andrzejewski passed away in his sleep at his home in in Hinsdale, Illinois, on August 18, 2024. He is survived by his wife Kerry and three daughters. He also served as a lector at St. Isaac Jogues Catholic Church and finished the Chicago Marathon eight times (PR 3:58.49 in 2022).
Waste of the Day articles published after August 18, 2024 are considered posthumous publications.
-
Civilization3 days agoReply to Michael Walzer on Israel’s Pager Attack and Just War Theory
-
Human Interest3 days agoPatronizing attitude of Democrats
-
Civilization4 days agoFlorida opts for liberty in emergencies
-
Civilization5 days agoCHAPTER 41: Your Brain Is the Battlespace – Space Is No Longer the Final Frontier—Reality Is*
-
Civilization2 days agoElection law – and lawsuits
-
Constitution1 day agoElon Musk, the wild card in American politics
-
Civilization2 days agoThe Failure of Biden’s ‘Just Say Don’t’ Foreign Policy
-
Education2 days agoWaste of the Day: Spending at “DeSantis U.”