diff --git a/app/controllers/followup_reports_controller.rb b/app/controllers/followup_reports_controller.rb
index f54db927c6..09524d1fef 100644
--- a/app/controllers/followup_reports_controller.rb
+++ b/app/controllers/followup_reports_controller.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class FollowupReportsController < ApplicationController
   after_action :verify_authorized
 
diff --git a/app/controllers/mileage_reports_controller.rb b/app/controllers/mileage_reports_controller.rb
index 528ab9c3bd..a975eded58 100644
--- a/app/controllers/mileage_reports_controller.rb
+++ b/app/controllers/mileage_reports_controller.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "csv"
 
 class MileageReportsController < ApplicationController
diff --git a/spec/controllers/followup_reports_controller_spec.rb b/spec/controllers/followup_reports_controller_spec.rb
deleted file mode 100644
index 72ae9a7834..0000000000
--- a/spec/controllers/followup_reports_controller_spec.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-require "rails_helper"
-
-RSpec.describe FollowupReportsController, type: :controller do
-  # TODO: Add tests for FollowupReportsController
-
-  pending "add some tests for FollowupReportsController"
-end
diff --git a/spec/controllers/mileage_reports_controller_spec.rb b/spec/controllers/mileage_reports_controller_spec.rb
deleted file mode 100644
index 93932aaead..0000000000
--- a/spec/controllers/mileage_reports_controller_spec.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-require "rails_helper"
-
-RSpec.describe MileageReportsController, type: :controller do
-  # TODO: Add tests for MileageReportsController
-
-  pending "add some tests for MileageReportsController"
-end
diff --git a/spec/requests/followup_reports_spec.rb b/spec/requests/followup_reports_spec.rb
new file mode 100644
index 0000000000..7f8c417a5a
--- /dev/null
+++ b/spec/requests/followup_reports_spec.rb
@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require "rails_helper"
+
+RSpec.describe "FollowupReports", type: :request do
+  describe "GET /index" do
+    context "when the user has access" do
+      let(:admin) { build(:casa_admin) }
+
+      it "returns the CSV report" do
+        sign_in admin
+
+        get followup_reports_path(format: :csv)
+
+        expect(response).to have_http_status(:success)
+        expect(response.header["Content-Type"]).to eq("text/csv")
+        expect(response.headers["Content-Disposition"]).to(
+          match("followup-report-#{Time.current.strftime("%Y-%m-%d")}.csv")
+        )
+      end
+
+      it "adds the correct headers to the csv" do
+        sign_in admin
+
+        get followup_reports_path(format: :csv)
+
+        csv_headers = [
+          "Case Number",
+          "Volunteer Name(s)",
+          "Note Creator Name",
+          "Note"
+        ]
+
+        csv_headers.each { |header| expect(response.body).to include(header) }
+      end
+    end
+
+    context "when the user is not authorized to access" do
+      it "redirects to root and displays an unauthorized message" do
+        volunteer = build(:volunteer)
+        sign_in volunteer
+
+        get followup_reports_path(format: :csv)
+
+        expect(response).to redirect_to root_path
+        expect(response.request.flash[:notice]).to eq "Sorry, you are not authorized to perform this action."
+      end
+    end
+  end
+end
diff --git a/spec/requests/mileage_reports_spec.rb b/spec/requests/mileage_reports_spec.rb
new file mode 100644
index 0000000000..fc194b0ac6
--- /dev/null
+++ b/spec/requests/mileage_reports_spec.rb
@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+require "rails_helper"
+
+RSpec.describe "MileageReports", type: :request do
+  describe "GET /index" do
+    context "when the user has access" do
+      let(:admin) { build(:casa_admin) }
+
+      it "returns the CSV report" do
+        sign_in admin
+
+        get mileage_reports_path(format: :csv)
+
+        expect(response).to have_http_status(:success)
+        expect(response.header["Content-Type"]).to eq("text/csv")
+        expect(response.headers["Content-Disposition"]).to(
+          match("mileage-report-#{Time.current.strftime("%Y-%m-%d")}.csv")
+        )
+      end
+
+      it "adds the correct headers to the csv" do
+        sign_in admin
+
+        get mileage_reports_path(format: :csv)
+
+        csv_headers = [
+          "Contact Types",
+          "Occurred At",
+          "Miles Driven",
+          "Casa Case Number",
+          "Creator Name",
+          "Supervisor Name",
+          "Volunteer Address",
+          "Reimbursed"
+        ]
+
+        csv_headers.each { |header| expect(response.body).to include(header) }
+      end
+    end
+
+    context "when the user is not authorized to access" do
+      it "redirects to root and displays an unauthorized message" do
+        volunteer = build(:volunteer)
+        sign_in volunteer
+
+        get mileage_reports_path(format: :csv)
+
+        expect(response).to redirect_to root_path
+        expect(response.request.flash[:notice]).to eq "Sorry, you are not authorized to perform this action."
+      end
+    end
+  end
+end