If 28 C.F.R. 50.2(b)(9) remains valid Department policy, we recommend that the Department require that requests to the Attorney General or Deputy Attorney General for approval to release information otherwise prohibited from disclosure and any approval to release such information pursuant to 50.2(b)(9) be documented.

We recommend that the Department consider revising its White House communications policy to clarify what information can be disclosed to the White House in situations where the policy permits communication about a contemplated or pending civil or criminal investigation.

Require the Critical Incident Response Group (CIRG) to perform a formal evaluation of the personnel and financial resources required to meet anticipated future demand for Violent Criminal Apprehension Program (ViCAP) services and provide the results to FBI executive leadership. In response to this evaluation, FBI executive leadership should determine whether to allocate the personnel and financial resources, and/or potentially leverage other similar programs and activities within the FBI, necessary to meet ViCAP's anticipated needs.

Develop a comprehensive strategic plan for ViCAP that accounts for both the resources available to ViCAP and also the anticipated short-term and long-term changes in demand for ViCAP's services. This plan should specifically identify necessary improvements to ViCAP's information technology and quality control functions.

Using the strategic plan developed in response to Recommendation 2, establish and maintain comprehensive and meaningful performance metrics, including a mechanism for capturing and evaluating customer feedback, program reach, and active participation, to better assess the value and effectiveness of ViCAP.

Ensure that there is a process for employees to file a retaliation claim with the OIG when a security clearance review or suspension lasts longer than 1 year

Analyze whether and under what circumstances its policies permit identifying and removing sensitive items from a crime scene, whether the crime scene is managed by the FBI or another law enforcement agency, particularly following an agent- or officer-involved shooting;

Develop guidelines for identifying and removing sensitive items, including appropriate documentation requirements and standards for involvement by agents involved in or witnesses to a shooting

Conduct training of FBI HRT and SWAT units to ensure that these standards are consistently implemented and followed.

Ensure the Ohio AG's subaward packages include all current, required grant information.

Require the Ohio AG to bring into alignment its subrecipient risk assessment policy and the tool designed to assess subrecipient risk.

Ensure the Ohio AG revises its financial policies and procedures to help ensure adequate administration of federal award funds and that all relevant personnel are aware of these policies. In particular, the financial policies and procedures should cover, at a minimum: (1) completing appropriate Subgrant Award Report (SAR) submissions; (2) drawdown-related reconciliation procedures, which ensure that funds are spent or returned to DOJ within 10 days of being drawn down; and (3) matching cost reporting on Federal Financial Reports (FFR) to help ensure the information reported is reconciled to supporting data, reviewed by appropriate personnel, and that data supporting the amounts reported is maintained.

Ensure the Ohio AG develops a mechanism to complete subrecipient monitoring timely and in accordance with its policy.

Require the Ohio AG to develop a plan to conduct a site visit and/or desk review of those subrecipients that did not receive a review in the past 24 months, as required, with priority given to those subrecipients that did not receive a site visit and/or desk review within our audit scope.

Remedy the $68,674 in unsupported subrecipient personnel expenditures.

Coordinate with the Ohio AG to ensure that the Ohio AG properly executes financial and programmatic monitoring of its subrecipients in compliance with Ohio AG policies and forms, to include that supporting documentation of each monitoring activity is collected, reviewed, and maintained.

[Description omitted; DOJ has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; DOJ has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; DOJ has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; CSOSA has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; DOJ has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; DOJ has determined that this recommendation contains information that is limited official use or classified.]

[Description omitted; DOJ has determined that this recommendation contains information that is limited official use or classified.]