Auditors cite progress on SBA management challenges

The Small Business Administration made significant progress in boosting oversight of two lending programs in fiscal 2006 and improved its financial reporting and information technology security, according to a report from the agency's inspector general.

The IG's summary of the top 10 management challenges SBA faces in fiscal 2007 listed recent progress in nine of the 10 areas identified, though four areas had seen slippage over the past year as well. Overseers analyzed agency action on a series of specific recommendations in each area, rating the agency on progress.

The one area where auditors did not cite progress was that of addressing "procurement flaws" that allow large businesses to obtain contracts set aside for small firms.

Earlier this month -- and well after the Sept. 30 end of the fiscal year reflected in the report -- SBA announced the finalization of a rule change proposed more than three years ago to tighten recertification requirements for businesses registered as small. Auditors noted that the original proposal was to reassess company certifications annually, and said they would evaluate the issue in light of the final rule, which calls for reassessments five years into a contract and whenever an option is exercised thereafter.

The IG recommended that each order under a General Services Administration schedule contract trigger a check of a company's size status, and that SBA more closely monitor the training that agencies provide on small business contracting procedures. The inspectors also suggested that the agency promote accuracy in contractor certifications and implement a plan to ensure accurate reporting of small business awards across government.

The IG report detailed significant progress in bolstering oversight of lenders participating in SBA loan programs through the establishment of a monitoring system that reflects potential and real risks portfoliowide, as well as for each lender and loan.

Despite clarifications of the responsibilities of SBA's Office of Lender Oversight, though, the report called on the agency to improve its operation by developing consistent procedures and ensuring follow-up when a review shows unsatisfactory lender ratings.

The report noted significant progress in financial management and reporting, and said remaining goals have been clarified to underline the need for procedures and policies that ensure accurate, timely financial reports.

The report also recognized advances in several IT areas, including security program controls and access controls. But auditors noted that the resources available to maintain systems, manage IT security and security training, and provide technical support are "below what is generally necessary for an entity the size of SBA." They said resource shortages drain an already weak IT security program, and promised that additional audit work would spotlight the area.