[Audit Report on Personnel and Payroll Processing Policies and Procedures, National Business Center/Products and Services, Office of the Secretary, Department of the Interior ] [From the U.S. Government Printing Office, www.gpo.gov] Report No. 01-I-131 Title: Audit Report on Personnel and Payroll Processing Policies and Procedures, National Business Center/Products and Services, Office of the Secretary, Department of the Interior Date: January 22, 2001 **********DISCLAIMER********** This file contains an ASCII representation of an OIG report. No attempt has been made to display graphic images or illustrations. Some tables may be included, but may not resemble those in the printed version. A printed copy of this report may be obtained by referring to the PDF file or by calling the Office of Inspector General, Division of Acquisition and Management Operations at (202) 219-3841. ****************************** U.S. Department of the Interior Office of Inspector General EXECUTIVE SUMMARY Personnel and Payroll Processing Policies and Procedures, National Business Center/Products and Services, Office of the Secretary, Department of the Interior Report No. 01-I-131 January 2001 The Department of the Interior's National Business Center/ Products and Services (NBC/PS), located in Lakewood, Colorado, implemented the Department's Federal Personnel Payroll System (FPPS) at the end of 1998. NBC/PS provides automated personnel and payroll services for its clients, the Department of the Interior and its bureaus and other Federal agencies, such as the Department of Education and the Social Security Administration. During 1999, NBC/PS processed payroll of approximately $8 billion for approximately 175,000 Federal employees. NBC/PS receives funding through the Department of the Interior's working capital fund and through direct charges to client appropriations. During fiscal year 1999, NBC/PS charged its clients about $29 million. The objective of the audit was to determine whether NBC/PS's policies and procedures provided reasonable assurance that personnel and payroll transactions were processed and reported accurately and timely and were in compliance with applicable Federal laws and regulations. We concluded that NBC/PS's policies and procedures generally provided for accurate and timely processing of personnel and payroll transactions in compliance with applicable personnel and payroll laws and regulations. In addition, we found that there may be opportunities to operate NBC/PS personnel and payroll processing and reporting functions more efficiently and to decrease the risk of unauthorized access to, modification of, and disclosure of personnel and payroll data and of critical systems not being recovered in the event of a disaster or a system failure. Based on our audit, NBC/PS began or completed developing a strategic plan for its operations, programing all required functions in FPPS, instituting all necessary security policies, and maintaining sufficient internal controls over software change management and separation of duties. We made 12 recommendations for improving operations. AUDITEE COMMENTS AND OFFICE OF INSPECTOR GENERAL EVALUATION Based on NBC/PS's response to the recommendations, we considered seven recommendations resolved and implemented and five recommendations resolved but not implemented. A-IN-OSS-001-99-M January 22, 2001 AUDIT REPORT Memorandum To: Director, National Business Center, Office of the Secretary From: Roger La Rouche Acting Assistant Inspector General for Audits Subject: Audit Report on Personnel and Payroll Processing Policies and Procedures, National Business Center/Products and Services, Office of the Secretary, Department of the Interior (No. 01-I-131) INTRODUCTION This report presents the results of our audit of personnel and payroll processing policies and procedures at the Department of the Interior's National Business Center/Products and Services (NBC/PS). The objective of this audit was to determine whether NBC/PS's policies and procedures provided reasonable assurance that personnel and payroll transactions were processed and reported accurately and timely, were in compliance with applicable Federal laws and regulations, and were processed efficiently. We performed this audit to support the Office of Inspector General's opinions on the annual financial statements of the Department of the Interior and its bureaus and offices. BACKGROUND During 1990, NBC/PS (formerly known as the Bureau of Reclamation's Denver Administrative Service Center), located in Lakewood, Colorado, began to develop the Federal Personnel Payroll System (FPPS) to replace the Department of the Interior's payroll and personnel system, PAY/PERS. By the end of 1998, NBC/PS had fully implemented FPPS. FPPS, which resides on an IBM mainframe computer, was developed by the Bureau of Reclamation using Natural programming language with ADABAS as the database management system. The enhanced features of FPPS include increased management information; paperless processing of personnel and payroll actions through on-line approvals; and immediate responses to on-line editing, updating, and query requests. NBC/PS provides automated personnel and payroll services for its clients, the Department of the Interior and its bureaus, and other Federal agencies (see Appendix 1). Offices within NBC/PS that have responsibilities related to personnel and payroll processing are as follows: - The ADP Services Division is responsible for managing the computer center where the IBM mainframe computer is located and for ensuring that telecommunications are operational and secure. - The Payroll Operations Division (POD) is responsible for developing, implementing, operating, and maintaining the FPPS general support system, known as the Automated Payroll System (APS), which resides on a Digital Alpha server. The APS includes the applications of Health Benefits Reporting, Thrift Lost Earnings, Debt Management, and Check Collection. POD is also responsible for reporting accurate payroll data to the clients and other Federal agencies, such as the Office of Personnel Management and the Department of the Treasury. - The Applications Management Office's FPPS Program Management Division is responsible for developing, implementing, operating, and maintaining FPPS. - The Management and Technical Service Division's Planning and Performance Support Branch is responsible for providing training for NBC/PS clients. During 1999, NBC/PS processed payroll of approximately $8 billion for approximately 175,000 Federal employees. NBC/PS receives funding through the Department of the Interior's working capital fund and through direct charges to client appropriations. During fiscal year 1999, NBC/PS charged its clients about $29 million (about $160 per account). SCOPE OF AUDIT To accomplish our objective, we reviewed and tested policies and procedures that were in place during fiscal year 1999 for personnel and payroll processing at NBC/PS. We also interviewed NBC/PS personnel and NBC/PS contractor personnel, reviewed application and system documentation, analyzed network security, and evaluated service continuity procedures and testing. We did not review the internal controls over input that updates FPPS personnel data or the internal controls over data entry functions for time and attendance. We also used Internet Scanner software developed by Internet Security Systems to identify vulnerabilities in NBC/PS's network. A list of the vulnerabilities identified by the Internet Scanner software was provided to NBC/PS management. For the vulnerabilities identified, NBC/PS management made appropriate changes to improve the security of its network. Our audit was made in accordance with the "Government Auditing Standards," issued by the Comptroller General of the United States. Accordingly, we included such tests of records and other auditing procedures that were considered necessary under the circumstances. PRIOR AUDIT COVERAGE During the past 5 years, neither the Office of Inspector General nor the General Accounting Office has not issued any audit reports related to FPPS. RESULTS OF AUDIT We concluded that NBC/PS's policies and procedures generally provided for the accurate and timely processing of personnel and payroll transactions in compliance with applicable personnel and payroll laws and regulations. However, we identified areas needing improvement. Specifically, NBC/PS did not develop a strategic plan for NBC/PS operations, program all required functions in FPPS, institute all necessary security policies, and maintain sufficient internal controls over software change management and separation of duties. As a result, there may be opportunities to operate NBC/PS personnel and payroll processing and reporting functions more efficiently and to decrease the risk of unauthorized access to, modification of, and disclosure of personnel and payroll data and of critical systems not being recovered in the event of a disaster or a system failure. Strategic Plan NBC/PS management had not developed a strategic plan for NBC/PS operations. A strategic plan is needed to establish an agency's goals and match activities to mission and objectives, and it should include information on how to set priorities and allocate resources. Office of Management and Budget Circular A-123, "Management Accountability and Control," states, "Developing a written strategy for internal agency use may help ensure that appropriate action is taken throughout the year to meet the objectives of the Integrity Act." NBC/PS management said that they did not believe a strategic plan was necessary at the NBC/PS organizational level because it would be more appropriate to develop an NBC strategic plan that would include all services that NBC provides. We believe that without a strategic plan, NBC/PS is at risk of developing and implementing system enhancements using information technology that may not improve business processes and meet user requirements. Information technology that could be developed and implemented in system enhancements which would improve personnel and payroll processing includes distributed processing, use of electronic commerce applications, and a personnel and payroll system that integrates seamlessly with financial and management information systems. Workarounds To ensure that employees who were paid by FPPS were paid correctly and payroll information was reported accurately, NBC/PS personnel developed "workarounds." The purpose of the workarounds was to perform payroll functions that were required but were not part of FPPS. Additionally, applications such as Health Benefits Reporting and Thrift Lost Earnings were developed to operate on APS rather than FPPS, and these systems were not integrated. Further, spreadsheets were developed and used to correct payroll errors and to perform reconciliations. Examples of workarounds are as follows: - A workaround was developed to ensure that variances were reconciled between the POD 200 report (a report of personnel costs created from four FPPS interface files) and the FPPS Labor Cost File (a file of personnel costs by program or activity as defined by each client that is interfaced with the clients' financial systems). Because the information for the POD 200 report and the FPPS Labor Cost File are generated from the same system, FPPS, the variances generated and the need for reconciling the variances may indicate that there are potential problems with data integrity or with programming. - A workaround was developed to ensure that income taxes were consolidated and paid to appropriate state and local governments. NBC/PS staff who performed this consolidation effort said that the workaround takes approximately 40 hours of personnel time per biweekly pay period to complete. In comparison, this same function took about 1 hour of personnel time to complete as part of PAY/PERS, the replaced system. - A workaround was developed to ensure that the Supplemental Semiannual Headcount Report submitted to the Office of Personnel Management was accurate. One field in this report is a count of all employees in an agency. FPPS was not programmed to calculate this field correctly; therefore, NBC/PS personnel had to manually determine the number of employees and correct a paper copy of the report. We found, however, that the headcount information for the Department of the Interior reported to the Office of Personnel Management for August1999 was incorrect. Office of Management and Budget Circular A-127, "Financial Management Systems," describes a "mixed system" (such as FPPS) as an "information system that supports both financial and non-financial functions of the Federal government or components thereof." The Circular further states that "financial management systems must be in place to process and record financial events effectively and efficiently, and to provide complete, timely, reliable and consistent information." NBC/PS management said, however, that there were no plans for the immediate future to program functions in FPPS that are performed through workarounds because this may not be cost effective. We were not provided documentation to support that it was not cost effective to implement these FPPS changes. As a result, there was an increased risk that NBC/PS was not processing payroll transactions efficiently and effectively and may therefore not have been in compliance with Office of Management and Budget Circular A-127. There was also an increased risk that NBC/PS was not reporting accurate data. Security Policies NBC/PS management had not developed all the security policies necessary for FPPS and APS. Specifically, security policies had not been developed to adequately protect the NBC/PS telecommunications networks, sensitive data sent through electronic mail, and spreadsheets that support adjustments to FPPS data. In addition, security policies did not include an incident response plan and team, adequate preparation to recover critical functions and processes in the event of a disaster or a system failure, and assurance that risks were adequately assessed and managed. Further, system certifications, which certify that adequate security safeguards have been installed and imply the acceptance of risk, were not adequate, and system security plans had not been developed. Areas needing improvement in NBC/PS's security policies, plans, and practices are described as follows: - Although NBC/PS had an informal firewall policy, which helped to ensure that its telecommunications networks were secure from probes and attacks from unauthorized users, NBC/PS did not have an overall site security policy. National Institute of Standards and Technology Special Publication 800-10, "Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls," states that a stand-alone policy "concerning only the firewall is not effective" because what is needed is a "strong site security policy." NBC/PS management did not ensure that a site security policy was developed and implemented. Without a site security policy, there was an increased risk that NBC/PS telecommunications networks would not be adequately protected from unapproved access, misuse, or denial of service. - NBC/PS did not have an adequate electronic mail usage policy for its employees and contractors to ensure that proprietary data, such as bank account and social security numbers, were sent to and accessed only by authorized individuals. Request for Comments 1244, "Site Security Handbook," referred to in National Institute of Standards and Technology Publication 800-10, states: There may be levels of responsibility associated with a policy on computer security. At one level, each user of a computing resource may have a responsibility to protect his account. A user who allows his account to be compromised increases the chances of compromising other accounts or resources. . . . If the people you grant privileges to are not accountable, you run the risk of losing control of your system and will have difficulty managing a compromise in security. Additionally, Office of Management and Budget Circular A-130, "Management of Federal Information Resources," states that agencies will "consider the effects of their actions on the privacy rights of individuals, and ensure that appropriate legal and technical safeguards are implemented." Although an electronic mail usage policy had not been developed, NBC/PS management said that a policy would be developed. By not having an adequate electronic mail usage policy, there was an increased risk that in the event of a security violation, NBC/PS management would not be able to show that their policy had been violated and therefore would have no recourse against the employees commensurate with the violation. - NBC/PS had no security policies to adequately protect the data in spreadsheets used to support adjustments to FPPS data. Spreadsheets were developed to ensure that, on a case-by-case basis, Federal employees were paid correctly. We found that spreadsheet formulas, which were complex, were not protected from unauthorized changes; a management official was not held responsible for maintaining and updating the spreadsheets; spreadsheet formulas were not certified by managers responsible for ensuring data accuracy; and resultant payroll corrections were not approved prior to updating FPPS. National Institute of Standards and Technology Special Publication 500-171, "Computer User's Guide to the Protection of Information Resources," states, "In some cases, data is far more sensitive to accidental errors or omissions that compromise accuracy, integrity, or availability." Because formulas could become obsolete and data entry errors could be made and not be detected timely, there was an increased risk that employees could be paid incorrectly. During our review, NBC/PS management implemented policies and procedures that protected spreadsheet formulas from unauthorized changes, that established a process for revising and developing spreadsheets, and that provided for a third-party review of data being entered into FFS. - NBC/PS did not have an incident response plan and a team to respond timely and efficiently to information system security incidents if an incident was caused by a computer virus, other malicious code, or a system intruder (either an authorized user performing an unauthorized act or an unauthorized user). Appendix III, "Security of Federal Automated Information Resources," of Office of Management and Budget Circular A-130 states: When faced with a security incident, an agency should be able to respond in a manner that both protects its own information and helps to protect the information of others who might be affected by the incident. To address this concern, agencies should establish formal incident response mechanisms. NBC/PS management did not ensure that an incident response plan and a team were in place. Without an incident response plan and a team, there was an increased risk that security incidents would not be identified and, if identified, would not be addressed quickly and efficiently. - NBC/PS management did not have an adequate disaster recovery plan for APS processing in the event of a disaster or a system failure. Appendix III of Office of Management and Budget Circular A-130 requires agencies to establish a comprehensive contingency plan and periodically test the capability to continue providing services and perform an agency function. Also, the Department of the Interior's "Automated Information Systems Security Handbook" mandates off-site storage for "all AIS [automated information systems] installations providing critical support to the organization's mission." We found that a disaster recovery plan was developed for APS; however, the plan did not reflect the APS current environment, identify a specific location for APS to operate and connect to FPPS, and include an off-site location that is at least 1 mile from NBC/PS. As a result, there was an increased risk that all NBC/PS critical personnel and payroll processes supported by APS would not continue in the event of a disaster or a system failure. - NBC/PS had performed its most recent risk assessments for FPPS and APS during fiscal year 1997. These risk assessments were not updated to reflect the current operational environments. During fiscal years 1997 to 1999 (through July 1999), FPPS software had been changed 13 times. The 1997 risk assessment for APS identified the system as a front- end processor for PAY/PERS rather than as the current general support system of POD. The risk assessments also did not address (1) all risks associated with FPPS and APS, (2) the selection of safeguards to mitigate risks, and (3) the acceptance of residual risk. Appendix III of Office of Management and Budget Circular A-130 states, "While formal risk analyses need not be performed, the need to determine adequate security will require that a risk-based approach be used." Appendix III further states, "The scope and frequency of the review should be commensurate with the acceptable level of risk for the system." Also, National Institute of Standards and Technology Special Publication 800-12, "An Introduction to Computer Security: the NIST Handbook,"addresses the selection of safeguards to mitigate risk and the acceptance of residual risk. Risk assessments had not been performed since fiscal year 1997 because NBC/PS management stated that risk assessments are required only every 3 years by Appendix III of Office of Management and Budget Circular A-130. Without considering current operational environments and identifying all significant threats and vulnerabilities, the risk was increased that the most appropriate and cost-effective security measures needed to adequately protect the sensitive data maintained in FPPS and APS would not be implemented. - NBC/PS had system certifications for FPPS and APS; however, the certifications were not signed by the appropriate responsible management official. NBC/PS had a "Sensitive Computer System Security Certification," which was signed by the manager responsible for development and maintenance of FPPS, and a "Sensitive AIS Security Certification Statement" on file for APS, which was signed by the manager responsible for APS daily operations. The Departmental Manual (375 DM 19) states that the management official responsible for application and system certification has the authority to accept the security safeguards and must possess authority to allocate the resources necessary to achieve acceptable security and to remedy security deficiencies. NBC/PS management stated that they believed the certifications were appropriate. However, we believe that the responsible management official should be at a level that is not directly involved with system development and maintenance or daily operations. - NBC/PS did not have a system security plan for APS that was applicable to its current operating environment as a stand-alone system residing on a server rather than a front-end processor for PAY/PERS. A security plan is required by 5 U.S.C. 552a to be developed for each Federal computer system that contains sensitive information. Also, National Institute of Standards and Technology Special Publication 800-18, "Guide for Developing Security Plans for Information Technology Systems," states that a computer security plan "is to provide an overview of the security requirements of the system and describe the controls in place or planned for meeting those requirements" and is to be designed to assist agencies in addressing the protection of systems to help ensure the systems' integrity, availability, and confidentiality. NBC/PS management said that the current version of the security plan was adequate. Without a security plan that is applicable to the APS operating environment, NBC/PS had little assurance that the current plan would address all of the management, operational, and technical controls necessary to protect the sensitive APS data. - During our review, we used Internet Scanner software to determine whether NBC/PS's network had security vulnerabilities. Using the software, significant security vulnerabilities within NBC/PS's network were identified. We provided NBC/PS management with a list of the vulnerabilities, and NBC/PS management said that they would correct the deficiencies. At the same time, NBC/PS was also reconfiguring its network to improve security. Subsequent to NBC/PS's correcting its network deficiencies and reconfiguring its network, NBC/PS requested that we reuse Internet Scanner software to determine whether NBC/PS's network security had been improved. In reusing the software, we found that NBC/PS's network vulnerabilities had been significantly reduced. Internal Controls NBC/PS did not ensure that controls over changes to FPPS and APS application software were adequate and that duties were adequately separated for APS application programmers. These internal control issues are discussed as follows: - Change management controls over FPPS and APS application software were not adequate. Specifically, NBC/PS management had not ensured that (1) controls were in place over the FPPS emergency library, (2) controls were in place over FPPS and APS to ensure that all changes were authorized and appropriate, (3) all users who requested changes to FPPS were involved with testing to ensure that their requirements were met, and (4) adequate testing was performed prior to implementing each FPPS change release. Although FPPS personnel performed testing for each release of FPPS and had performed mini-regression testing for the latest release, system testing had not been performed for FPPS releases. Federal Information Processing Standards Publication 106 states: Testing standards and procedures should define the degree and depth of testing to be performed and the disposition of test materials upon successful completion of the testing. Whenever possible, the test procedures and test data should be developed by someone other than the person who performed the actual maintenance of the system. Testing is a critical component of software maintenance. As such the test procedures must be consistent and based on sound principles. The test plan should define the expected output and test for valid, invalid, expected, and unexpected cases. The test should examine whether or not the program is doing what it is supposed to do. Also, prudent business practices require that custom-developed software be coded, tested, and accepted by users and management prior to moving the software into production. These practices should include unit testing to ensure that the changed software works properly when tested in isolation, systems testing to ensure that the changed software works when it is integrated with the total system, and integration testing to ensure that the total system works in the desired operating environment. Without adequate controls over change management, there was an increased risk that critical software changes would not be made and that the applications would not perform as required by the users. - NBC/PS management did not ensure that separation of duties was adequate for APS. Specifically, application programmers responsible for developing and making code changes to APS software were also responsible for moving these changes into production. Appendix III of Office of Management and Budget Circular A-130 requires that security controls of personnel include separation of duties. Appendix III and National Institute of Standards and Technology Special Publication 800-12 define separation of duties as the division of roles and responsibilities and of steps in a critical function so that no one individual can undermine a critical process. Duties were not adequately separated because NBC/PS management did not have policies and procedures to ensure that APS application programmers' duties were adequately separated. As a result, there was an increased risk that inappropriate actions by application programmers would not be detected timely and that accidental or intentional actions by programmers could threaten the integrity of APS data and could interrupt processing. Recommendations We recommend that the Director, NBC: 1. Develop, implement, and maintain a strategic plan for NBC that includes personnel and payroll processing and operations. 2. Evaluate the necessity for workarounds that are used to supplement FPPS functions and determine whether these workarounds are more cost effective than adding these required functions to FPPS. 3. Develop, implement, and maintain a site security policy for NBC/PS. 4. Develop, implement, and maintain an electronic mail usage policy. 5. Document and maintain procedures to protect the data in spreadsheets and to review results from the spreadsheets that are used to update FPPS data. 6. Develop, implement, and maintain a formal incident response plan and team. 7. Ensure that NBC/PS contingency planning addresses APS processing in the event of a disaster or a system failure. 8. Perform risk assessments of FPPS and APS that represent the current operating environments and ensure that all risks and vulnerabilities are identified, the risks are reduced to an acceptable level, and any residual risks are accepted by senior-level management officials. 9. Ensure that system certifications for FPPS and APS are signed by senior-level management officials. 10. Develop an APS system security plan that reflects the current operating environment. 11. Document and implement policies and procedures to ensure that changes to FPPS and APS are authorized and appropriate and are adequately tested and that users are involved in testing. 12. Develop and implement policies and procedures to ensure that duties are adequately separated for APS application programers. NBC Response and Office of Inspector General Reply In the September 1, 2000 response (Appendix 2) to the draft report from the Director of NBC, NBC concurred with the 12 recommendations. Based on the response, we consider Recommendations 5, 6, 8, 9, 10, 11, and 12 resolved and implemented and Recommendations 1, 2, 3, 4, and 7 resolved but not implemented. Accordingly, the unimplemented recommendations will be forwarded to the Assistant Secretary for Policy, Management and Budget for tracking of implementation (see Appendix 3). Additional Comments on Report In its response, NBC also provided additional comments on the report. We incorporated most of the changes as appropriate. However, our replies to NBC's specific comments on workarounds and internal controls are discussed in the paragraphs that follow. Workarounds. NBC stated that it did "not perceive the POD200 report to be a 'workaround' . . . but as a system assurance report to check data variances." The draft report did not state that the POD 200 report was the workaround. The workaround we discussed is the manual process to reconcile the POD 200 report to the Labor Cost File. The manual reconciliation has to be performed following each pay period and involves not only NBC/PS personnel but also NBC/PS's clients. NBC also stated that it did not believe the facts in the draft audit report supported our conclusion that because NBC/PS uses workarounds, it may not be processing payroll transactions efficiently and effectively in accordance with Office of Management and Budget Circular A-127 and it may not be reporting accurate data. In our opinion, NBC/PS's using workarounds does not ensure that FPPS is working efficiently and effectively to record financial events as required by Office of Management and Budget Circular A-127 and does not ensure data accuracy. For example, we found that for fiscal years 1998 and 1999, the Supplemental Semiannual Headcount Report submitted to the Office of Personnel Management contained inaccurate data in spite of the manual efforts to correct the Headcount Report. Internal Controls. NBC said that we were "not accurate" in stating that system testing for FPPS releases (changes to FPPS) had not been performed. NBC further said that it believed the automated compares that were transferred to FPPS in 1999 when the conversions of clients' data to FPPS were completed satisfied the need for system testing. Although the automated compares were transferred to FPPS after being tested, we do not believe that this process ensures that all FPPS releases have undergone system testing. Since the report's recommendations are considered resolved, no further response to the Office of Inspector General is required (see Appendix 3). Section 5(a) of the Inspector General Act (5 U.S.C. app. 3) requires the Office of Inspector General to list this report in its semiannual report to the Congress. In addition, the Office of Inspector General provides audit reports to the Congress. APPENDIX 1 CLIENTS OF THE NATIONAL BUSINESS CENTER/PRODUCTS AND SERVICES FOR PERSONNEL AND PAYROLL SERVICES Department of the Interior: Bureau of Indian Affairs Bureau of Land Management Bureau of Reclamation U.S. Geological Survey Minerals Management Service National Park Service Office of Aircraft Services Office of Inspector General Office of Surface Mining Reclamation and Enforcement Office of the Secretary U.S. Fish and Wildlife Service Advisory Council on Historic Preservation African Development Foundation Commission of Fine Arts Department of Education Executive Residence/White House Federal Labor Relations Authority Federal Trade Commission Harry S. Truman Scholarship Foundation Inter-American Foundation International Trade Commission James Madison Memorial Fellowship Foundation National Commission of Libraries & Information Science National Education Goals Panel Overseas Private Investment Corporation Pension Benefit Guaranty Corporation Presidio Trust Securities and Exchange Commission Selective Service System Social Security Administration Trade and Development Agency U.S. Holocaust Memorial Council Utah Reclamation Mitigation Conservation Commission