![[logo] US EPA](https://webarchive.library.unt.edu/eot2008/20090510125311im_/http://www.epa.gov/epafiles/images/logo_epaseal.gif){kind=logo}
Inspector General Operations Reporting (IGOR) Investigations Module
I. Data in the System
Generally describe what data/information will be collected in the system.
IGOR Investigation Module tracks information on Investigations conducted by the Office of Investigations, EPA Office of Inspector General. The IGOR Investigations Module assists OIG's senior management in planning and assessing OIG investigative activities and links these activities to the strategic plan, budget, and performance.
What are the sources and types of the information in the system?
The sources and types of information in IGOR are 1) investigative
How will the data be used by the Agency?
The Agency uses the Audit reports information to review the efficiency of its programs and operations and to prepare their Congressional mandated reporting regarding completed OIG Audits.
Why is the information being collected? (Purpose)
The IGOR system supports the EPA mission, strategic goals, and objectives by improving the performance and integrity of EPA programs and operations through effective internal management and fiscal responsibility by managing for results. The OIG uses the Inspector General's Operations and Reporting System to provide its reporting function on the efficiency of EPA programs and operations. Also, IGOR is used to gather information the OIG is mandated to report to Congress semi-annually.
II. Access to the Data
Who will have access to the data/information in the system (internal and external parties)? If contractors, are the Federal Acquisition Regulations (FAR) clauses included in the contract (24.104 Contract clauses; 52.224-1 Privacy Act Notification; and 52.224-2 Privacy Act)?
The IGOR System will only be accessed by internal OIG staff.
What controls are in place to prevent the misuse of data by those having authorized access?
The IGOR has a current security review plan that discusses the system's operational access, technical and management controls. A Technical Vulnerability Assessment is performed on this as applicable. The OIG Information Security Officer will handle all life cycle processes of security for this investment.
Do other systems share data or have access to data/information in this system? If yes, explain who will be responsible for protecting the privacy rights of the individuals affected by the interface? (i.e., System Administrators, System Developers, System Managers)
Yes. The OIG System Administrator (s), Systems Manager (s) and OIG staff have access to the data in this system. The privacy rights of the individuals are protected by the IGOR database/system administrator.
Will other agencies, state or local governments share data/information or have access to data in this system? (Includes any entity external to EPA.)
No.
Do individuals have the opportunity to decline to provide information or to consent to particular uses of the information? If yes, how is notice given to the individual? (Privacy policies must clearly explain where the collection or sharing of certain information may be optional and provide users a mechanism to assert any preference to withhold information or prohibit secondary use.)
No.
III. Attributes of the Data
Explain how the use of the data is both relevant and necessary to the purpose for which the system is being designed.
The data in IGOR is used by senior management to evaluate the work performed and planned by the organization. Also, IGOR is used to meet all legally mandated report requirements.
If data are being consolidated, what controls are in place to protect the data from unauthorized access or use? Explain.
Data is not consolidated.
If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? Explain.
Processes are not being consolidated
How will data be retrieved? Can it be retrieved by personal identifier? If yes, explain. (A personal identifier is a name, Social Security Number, or other identifying symbol assigned to an individual, i.e. any identifier unique to an individual.)
IGOR assignments which contain the data fields can be retrieved by Assignment Number, a unique identifier assigned by the system to each assignment upon creation. An assignment can in some cases by retrieved by name, and Social Security Number using the IGOR menus.
What achievements of goals for machine readability have been incorporated into this system? Where is the policy stated? (Machine readable technology enables visitors to easily identify privacy policies and make an informed choice about whether to conduct business with that site.)
IGOR is not web enabled.
IV. Maintenance of Administrative Controls
Has a record control schedule been issued for the records in the system? If so, provide the schedule number. What are the retention periods for records in this system? What are the procedures for eliminating the records at the end of the retention period? (You may check with the record liaison officer (RLO) for your AA-ship, Tammy Boulware (Headquarters Records Officer) or Judy Hutt, Agency Privacy Act Officer, to determine if there is a retention schedule for the subject records.)
See the following web link for the IGOR Record Control Schedule.
http://www.epa.gov/records/policy/schedule/sched/707.htmWhile the data are retained in the system, what are the requirements for determining if the data are still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?
Quality checks are made from the initial gathering of information until the closing of the IGOR assignment to ensure that all information is accurate and complete.
Will this system provide the capability to identify, locate, and monitor individuals? If yes, explain.
No.
Does the system use any persistent tracking technologies?
No.
Under which System of Records (SOR) notice does the system operate? Provide the name of the system and its SOR number if applicable. A list of Agency SORs are posted at http://www.epa.gov/privacy/notice/. (A SOR is any collection of records under the control of the Agency in which the data is retrieved by a personal identifier. The Privacy Act Officer will determine if a SOR is necessary for your system.)
Inspector General's Operation and Reporting (IGOR) System Investigative Files - EPA-40. Inspector General's Operation and Reporting (IGOR) System Audit, Assignment, and Timesheet Files - EPA-42.