Archive

Archive for the ‘U.S. Postal Service’ Category

Protecting Mail Covers in Law Enforcement Investigations

October 28, 2014 Comments off

Protecting Mail Covers in Law Enforcement Investigations
Source: U.S. Postal Service, Office of Inspector General

The outside of an envelope can be an effective tool in law enforcement investigations. In fiscal year 2013 alone, the Postal Inspection Service processed about 49,000 mail covers that were used to protect national security, locate fugitives, obtain evidence, or help locate stolen property.

But significant privacy issues govern the handling of mailpieces and the information on them. For that reason, the Postal Service and Postal Inspection Service must follow detailed procedures before allowing a mail cover.

The U.S. Postal Service Office of Inspector General recently reviewed 196 external mail covers and found some controls lacking. For example, 21 percent of the covers we examined were approved without the required written authorization and 13 percent were not adequately justified. Inadequate controls could impede investigations, raise public concerns about the privacy of the mail, and harm the Postal Service’s brand. The OIG made a number of recommendations to improve the management and integrity of the mail cover program.

About these ads

New From the GAO

October 27, 2014 Comments off

New GAO Report
Source: Government Accountability Office

U.S. Postal Service: Information on Recent Changes to Delivery Standards, Operations, and Performance. GAO-14-828R, September 25.
http://www.gao.gov/products/GAO-14-828R

CRS — The U.S. Postal Service’s Financial Condition: A Primer (September 22, 2014)

October 2, 2014 Comments off

The U.S. Postal Service’s Financial Condition: A Primer (PDF)
Source: Congressional Research Service (via Federation of American Scientists)

Since 1971, the U.S. Postal Service (USPS) has been a self-supporting government agency that covers its operating costs with revenues generated through the sales of postage and related products and services.

The USPS is experiencing significant financial challenges. After running modest profits from FY2003 through FY2006, the USPS lost $45.6 billion between FY2007 and FY2013. Since FY2011, the USPS has defaulted on $16.7 billion in payments to its Retiree Health Benefits Fund (RHBF). The agency reached its $15 billion borrowing limit in FY2012 and did not reduce its total debt in FY2013. In October 2012, the USPS bolstered its liquidity by withdrawing all of the cash from its competitive products fund. This fund has not been replenished since that time.

While the financial condition of the postal service slightly improved in FY2013, both revenues and expenses have increased through the first three quarters of FY2014. Compared with the same point in FY2013, expenses are $1.4 billion higher while revenues have increased by $1.0 billion.

The USPS’s recent financial difficulties are partially the product of reduced demand. The agency has experienced a 21.7% drop in mail volume during the past 10 years. Additionally, during the past decade the “mail mix” has shifted. A growing portion of the mail is advertising mail, which yields low profits. Concurrently, the annual volume of first-class letters, which are highly profitable, has been dropping steadily, at least in part due to mailers shifting to electronic communications. As a result, the Postal Service’s revenues in FY2013 were lower than they were in FY2004. Additionally, the Postal Service’s liquidity has decreased and its debt has increased because of the statutorily mandated payments that must be made to the RHBF each year.

This report discusses these issues in more detail, and it will be updated after the USPS releases its FY2014 year-end financial results in November 2014 and in the interim should there be any significant developments.

USPS OIG — Mail Innovations

September 30, 2014 Comments off

Mail Innovations
Source: U.S. Postal Service, Office of Inspector General

Despite the sharp increase in digital communications in recent years, mail still elicits a strong connection with recipients. Past work by the U.S. Postal Service Office of Inspector General (OIG) reveals that mail is a critical piece of an omnichannel strategy, which gives consumers a seamless and meaningful experience across a variety of media channels and provides marketers with a rich source of useful information. Now, more than ever, advertising campaigns must compete for recipients’ attention, as people are exposed to hundreds, if not thousands of advertisements on a daily basis. To give consumers of all ages advertising messages that are relevant, interesting, and dynamic, mailers can incorporate a number of innovations into their mailpieces. These innovations can allow the marketing message to stand out, either by providing additional content in an easily accessible digital space, incorporating handy electronics into the mailpiece, or using unique materials and design to capture the reader’s attention.

This paper provides an overview of ten mail innovations that range from commonly used and well-known tools to some that are still emerging, and even one that is still in the research and development phase. The OIG interviewed companies that create and support these innovations to learn more about them and what they can do to strengthen a mail campaign. These innovations can be more effective engaging customers and garnering a positive response, either in terms of recipient feedback or sales metrics.

USPS OIG — Management of Cloud Computing Contracts and Environment

September 10, 2014 Comments off

Management of Cloud Computing Contracts and Environment (PDF)
Source: U.S. Postal Service, Office of Inspector General

Background
The Council of Inspectors General on Integrity and Efficiency asked inspectors general in the federal community to participate in an audit of cloud computing contracts. Cloud computing provides on-demand network access to shared resources that can be rapidly released and allows customers to take advantage of cutting edge technologies at a reduced cost. Hosted services are offered by providers that host physical servers in a different location. The audit was designed to provide insight on how well the federal government is protecting data and its progress in moving towards cloud computing.

As a participant in this audit, our objectives were to determine if the U.S. Postal Service’s cloud service contracts comply with applicable standards and evaluate management’s efforts to adopt cloud computing technologies.

What the OIG Found
The Postal Service’s cloud computing contracts did not comply with all applicable Postal Service’s standards. Specifically, the Postal Service has not defined “cloud computing” and “hosted services,” established an enterprise-wide inventory of cloud computing services, required suppliers and their employees to sign non-disclosure agreements, or included all required information security clauses in its contracts.

In addition, management did not appropriately monitor applications to ensure system availability. Management also did not complete the required security analysis process for three cloud services reviewed and did not follow Postal Service policy requiring cloud service providers to meet federal government guidelines. This occurred because no group is responsible for managing cloud services, and personnel were not aware of all policy and contractual obligations.

Without proper knowledge of and control over applications in the cloud environment, the Postal Service cannot properly secure cloud computing technologies and is at increased risk of unauthorized access and disclosure of sensitive data. We claimed $33,517,151 in contractual costs for the Postal Service not following their policy and contract requirements.

What the OIG Recommended
We recommended management define “cloud computing” and “hosted services,” develop an inventory of cloud services, monitor suppliers and require them to be certified, and revise contracts to include security clauses. We also recommended management evaluate best practices for cloud computing contracts, complete the security analysis process, and ensure compliance with non-disclosure clauses.

USPS OIG — eCommerce Customer Registration

August 28, 2014 Comments off

eCommerce Customer Registration (PDF)
Source: U.S. Department of Health and Human Services, Office of Inspector General

Background
The U.S. Postal Service’s Customer Registration application allows customers to create accounts through USPS.com to purchase products and services through over 40 eCommerce applications such as Every Door Direct Mail, Premium Forwarding Service, Click-N-Ship, and the Postal Store. Customers must provide personally identifiable information to create an account. There were over 24 million Customer Registration users as of June 2014 and revenue totaled about $1.2 billion in fiscal year (FY) 2013.

Our objective was to determine the effectiveness of controls used to safeguard the eCommerce Customer Registration process and reduce online credit card fraud.

What the OIG Found
Controls used to safeguard the eCommerce Customer Registration process and reduce online credit card fraud need improvement. Management has not established a threshold for fraud-related chargebacks (transactions rejected by credit card companies) for the four eCommerce applications in our review. As a result, management cannot objectively measure when to increase oversight and controls to reduce fraud.

Of the four applications, Click-N-Ship’s credit card fraud-related loss of $4.6 million was above the industry’s recommended threshold for acceptable levels of credit card fraud in FY 2013. In addition, management did not always ensure all credit card company chargebacks were validated.

Further, seven of the eight Customer Registration controls we tested worked as management intended. However, we identified one vulnerability that could permit a cyber criminal to impersonate a valid user and obtain postage using stolen credit card data. Finally, we did not identify any critical or high-risk vulnerabilities when conducting over 3,000 additional tests of the USPS.com login page.

What the OIG Recommended
We recommended management establish a threshold for credit card fraud and develop a policy defining chargeback roles and responsibilities. We also recommended management maintain chargeback research results from all eCommerce managers and configure eCommerce applications to prevent the noted security vulnerability.

USPS OIG — Geo-Fence Technology in Delivery Operations

August 20, 2014 Comments off

Geo-Fence Technology in Delivery Operations (PDF)
Source: U.S. Postal Service, Office of Inspector General

Background
The U.S. Postal Service is developing and pilot testing the Delivery Management System to improve carrier efficiency during street delivery. This system combines Global Positioning System data and other data from various systems to allow supervisors to see “at a glance” the location of each carrier and whether they are ahead of or behind their scheduled delivery time. These scheduled delivery times are based on each routes’ base evaluation and the associated Managed Service Point scan times on each route.

This system will also include geo-fence technology to assist supervisors in monitoring delivery operations. Geo-fence technology is a system based on the concept of virtual geographic zones. Should a carrier deviate from his or her designated geographic zone during street delivery, an alert is sent to the supervisor in an email or text message. The geo-fence component of the pilot program was expected to begin in July 2014. There are seven planned test sites consisting of one delivery unit in each of the seven Postal Service areas of operation.

Our objective was to assess the Postal Service’s efforts to implement geo-fence technology in delivery operations.

What the OIG Found
The Postal Service’s planned use of geo-fence technology in the delivery environment is a proactive way to increase carrier visibility to aid street management.

However, we identified an inaccuracy in the Delivery Management System. Specifically, projected scan times are not adjusted for authorized route deviations when carriers are assigned deliveries on portions of additional routes. This occurs because the Postal Service has not updated the Delivery Management System for these authorized route deviations. Management planned to address this scan variance issue in April 2014; but, as of June 2014, had not finalized the adjustments.

Inaccurate scan variance data may cause supervisors to react to carrier delays that are actually justified based on their daily delivery assignment.

What the OIG Recommended
We recommended the vice president, Product Information, modify the Delivery Management System software to capture adjustments for time and location projections when carriers are assigned deliveries on more than one route prior to nationwide implementation of the Delivery Management System.

Follow

Get every new post delivered to your Inbox.

Join 944 other followers