As we all continue to work through these unprecedented times, we have pulled together some helpful information from the Federal Government and various state audit departments, along with national and state governmental associations. Based on the needs of your citizens and employees in the days, weeks, and possibly months ahead, please know that we are here as a resource to assist in navigating these unfamiliar waters.

RESOURCES RELATED TO COVID-19 INFORMATION, NEWS, AND UPDATES:

The Office of Management and Budget (OMB) has issued several memorandums of which the one below is of great interest to government entities for a variety of reasons, including the extension of the filing requirements relative to Single Audits. Please click the link below to read more.

Memorandum from the Executive Office of the President, Office of Management and Budget
This memorandum deals with administrative relief for recipients and applicants of federal financial assistance directly impacted by the coronavirus.

Local Governments Can Seek Coronavirus Relief From FEMA

Under the Presidential National Emergency Declaration, the Federal Emergency Management Agency (FEMA) is authorized to reimburse local governments for costs associated with “emergency protective measures” in response to the COVID-19 pandemic. These emergency protective measures are defined in Category B of the Public Assistance Program of the Stafford Act.

Emergency Protective Measures (Category B)

In accordance with the Presidential National Emergency Declaration, FEMA will reimburse local governments up to 75% of the cost for actions taken before, during, and after the COVID-19 pandemic to save lives, and to protect public health and safety. Examples of measures that may be eligible for reimbursement include, but are not limited to the following:

Warning of risks and hazards;
Emergency mass care;
Transportation, care, shelter, and essential needs for humans affected by the outbreak and spread of the COVID-19 pandemic;
Protection, security for an eligible facility and areas;
Provision of food, water, ice, and other essential items at central distribution points;
Temporary generators for facilities that provide health and safety services (this may include mobile health services);
Temporary facilities essential community services (this may include clinics and mobile health care units);
Emergency operations centers to coordinate and direct the response to the COVID-19 pandemic; and
Removal of health and safety hazards.

Congress and the Administration may approve additional reimbursements for expenses of other essential protective measures by passing supplemental appropriations bills or administrative actions.

FEMA has developed a Fact Sheet to provide additional guidance on the types of emergency protective measures that may be eligible under FEMA’s public assistance program. FEMA will not duplicate assistance provided by the U.S. Department of Health and Human Services (HHS), to include the Centers for Disease Control and Prevention (CDC), or other federal agencies.

What should local governments do?

Immediately contact your State designated Public Assistance (PA) Representative. If you don’t know who your State PA Representative is, you can contact your State Emergency Management Agency or the FEMA Regional Office that is responsible for coordinating FEMA assistance for your state.

Work with the State PA Representative and the FEMA Public Assistance Coordinator (PAC) Crew Leader who will be assigned to you to determine if facilities, work, and costs meet Public Assistance Program eligibility criteria under the Presidential National Emergency Declaration.

Work with the FEMA PAC to help guide you through the steps to obtaining funding. The FEMA PAC Crew Leader will advise you on eligibility issues, obtain specialists to assist with projects, and approve certain project costs.

One other reminder – document carefully and be sure your employees refresh their knowledge of FEMA procurement requirements, such as competitive bidding. Sole source contracts should be avoided as much as possible except in extreme circumstances. If a sole source contract is required, be sure to document carefully.

From the Georgia Department of Community Affairs:

Good afternoon, local government leaders:

Given the extenuating circumstances in which we find ourselves, the Department of Community Affairs (DCA) and the Department of Audits and Accounts (DOAA) are partnering to support local governments across Georgia as best we can.

To that end, municipal, county, and consolidated governments with FY2019 Audit Reports (due to DOAA) and FY2019 Report of Local Government Finance (due to DCA) deadlines of March 31, 2020-June 30, 2020 may request a combined 90-day hardship extension for both submissions. We are sharing this information with chief elected officials, City/County Managers, Clerks, and chief financial officers of local governments having a due date within this window.

This hardship extension includes reporting requirements to both the Georgia Department of Audits and Accounts and the Georgia Department of Community Affairs and applies only to fiscal year 2019 reporting. Specifically, these extensions apply to reports that have not yet reached their submission deadline. Any future extension requests should be made separately to the respective department.

To make this hardship extension request, your jurisdiction’s Chief Elected Official (Commission Chair, Mayor, etc.) should email locgov@audits.ga.gov no later than the existing deadline (six months after the conclusion of your jurisdiction’s FY19 end date).

Additional information regarding the DCA Report of Local Government Finance (RLGF) can be found at https://www.dca.ga.gov/local-government-assistance/research-surveys/report-local-government-finance-rlgf.

DCA remains committed to providing the support, resources, and guidance. Please be in touch with our office if there is any assistance we can provide you and your fellow local government leaders.

Cybersecurity and the COVID-19 Crisis

by Jameson Miller, CPA, Mauldin & Jenkins

As more of America’s workforce is forced to work remotely during the COVID-19 Crisis, it is imperative that Organizations stay aware of its specific Cybersecurity risks. Social Engineering is still a major threat while practicing social distancing/isolation directives.

Organization Cybersecurity:

Secure systems that enable remote access
- Ensure VPNs or other remote system are fully patched
- Enhance system/continuous monitoring to receive early detection and alerts on abnormal activity.
- Implement multifactor authentication where possible.
- Ensure all machines have properly configured firewalls, anti-malware and anti-intrusion software installed and up to date.
Test remote access solutions capacity, consider adding capacity if necessary.
Ensure continuity of operations plans and business continuity plans are up-to-date.
Increase awareness of information technology support mechanisms for employees working remotely.
Update incident response plans to consider workforce changes in a distributed environment.
Review the National Cyber Security Alliance’s COVID-19 Security Resource Library: https://staysafeonline.org/covid-19-security-resource-library/

Workforce / Consumers Cybersecurity:

Malicious actors will take advantage of public concern surrounding COVID-19 by conducting phishing attacks and disinformation campaigns. Phishing attacks often us a combination of email and bogus websites to trick victims into revealing sensitive information. Disinformation campaigns can spread discord, manipulate the public conversation, influence policy development, or disrupt markets.

Defending against Cybersecurity threats and scams –

Secure your Home network with WPA2/WPA3 Encryption and follow your Employer’s security policies and procedures.
Dispose of sensitive data securely.
Avoid clicking on links in unsolicited emails and be wary of email attachments.
Use trusted sources – such as legitimate, government websites for up to date information. See: www.coronavirus.gov; www.fda.gov; www.epa.gov; and www.cdc.gov.
Examine URL addresses closely for misspellings and proper domains (for example, an address that should end in “.gov” instead ends with “.com”, “.cc”, or something similar).
Do not reveal personal or financial information in email, and do not respond to solicitations for this information. Including usernames, passwords, date of birth, social security numbers, financial data, or any other personal information.
Verify charity authenticity before making donations.
Review the Cybersecurity and Infrastructure Security Agency’s tips on Avoiding Social Engineering and Phishing Attacks, see: https://www.us-cert.gov/ncas/tips/ST04-014
Review the Federal Trade Commission’s blog post on Coronavirus Scams, see: https://www.consumer.ftc.gov/blog/2020/02/coronavirus-scammers-follow-headlines
If you are victim of Internet scam or cybercrime, then visit the FBI’s Internet Crime Compliant Center: www.ic3.gov

Current Known Scams:

Fake CDC Emails
Phishing emails claiming to be charitable organizations, general financial relief, airline carrier refunds, fake cures and vaccines, and fake testing kits.
Robocalls / Phone calls to the same effect as Phishing emails above.
Netflix (or similar services) Text Message scams (see image at top right) capable of installing malicious programs on your mobile device.
Extortion emails threatening to infect you with Coronavirus.
Hoax phone calls from CDC asking people to reserve COVID-19 Vaccines
Scams promising $1K checks for economic relief.

Other Telework concerns and resources:

These are offered as additional resources designed to assist in helping make the leap from traditional office to virtual workspace easier and more secure.