Federal Manager's Daily Report

GSA is “mismanaging” the personal identity verification cards it issues to contractor employees, an IG audit has said, which “places GSA personnel, federal property, and data at risk.”

“GSA’s poor management and oversight of these cards raises significant security concerns because the cards can be used to gain unauthorized access to GSA buildings and information systems,” a report said.

ADVERTISEMENT

It said that GSA annually issues some 14,500 such cards annually but “was unable to account” for some 15,000 total—of which nearly 11,000 still would allow access to buildings and IT systems—and did not collect more than half of the 445 cards issued to contractor employees who later failed their background checks.

Reasons included that GSA uses unreliable data to track and monitor PIV cards; that it does not have formal procedures for recovering cards from contract employees, “forcing GSA personnel to use a patchwork of inconsistent and largely ineffective methods for recovering the cards”; and that it “has not implemented the oversight needed” to ensure all PIV cards are recovered from contract employees.

It said management agreed with its recommendations to address those issues, adding that those steps still are needed even though there has been some improvement since the IG first issued a management alert on the subject in November of last year.

Administration Drops Plan to Break Up OPM, Merge GSA

GSA Failing to Block Some Debarred Contractors, IG Says

IRS Still Needs to Strengthen Controls over Access by Separated Employees, IG Says

Who Actually Owns that Defense Contractor? GAO Advises Closer Look

FERS Retirement Guide 2021