An IG audit has found that the USPS is not always following out-processing steps for its own employees and those of contractors who are leaving their jobs, leaving it with “an increased risk that separated employees and inactive contractors could access Postal Service data and facilities without authorization.”
“In addition, there was an increased risk that accountable items were not returned by separated employees or inactive contractors, potentially leading to loss or misuse of assets and information,” a report said.
It said that for all separations including retirements, local facility management is to collect certain items, revoke facility access, suspend computer access and submit separation actions to the Human Resources Shared Service Center. Similarly, contracting officers and their representatives are to verify that system privileges are removed, facility access is revoked, and collect any accountable items from contractor employees.
However, in a random sample of about separations of employees, auditors found that local facility management did not timely notify HR in about a quarter of the cases “due to other priorities.”
Further, in about 90 percent of separations sampled, management did not “complete and retain documentation of clearance activities – including collection of employee identification badges, building keys, parking permits, and other accountable items.” Of those, almost all had an active badge as of their effective date of separation in the system for facility access.
In a smaller sample of contractor employees, the IG similarly found that in most cases USPS did not document that they had returned all Postal-Service property or that their access to facilities was revoked.
It said that management agreed with its recommendations to tighten controls over out-processing of both employees and contractor employees.