The U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG) is auditing the use of Community Development Block Grant Disaster Recovery (CDBG-DR) funds as non-Federal match for the Federal Emergency Management Agency’s (FEMA)Public Assistance Program.  Our objectives are to determine whether four CDBG-DR grantees made improper payments and whether the Office of Community Planning and…

We audited the project activity status for 12 grantees that received funds under the U.S. Department of Housing and Urban Development’s (HUD) Community Development Block Grant (CDBG) National Disaster Resilience (NDR) grant to determine whether the grantees have accomplished or are on track to accomplish the goals of the activities outlined in their action plans. We found that NDR grantees should be able to accomplish their…

In January 2017, HUD awarded the City $141.2 million in Community Development Block Grant National Disaster Resilience grant funding for disaster resilience. HUD designed the grant to give states flexibility in planning program activities and help state and local communities recover from past disasters, while also improving their infrastructure to withstand future extreme events through strategic community investments.  The City…

We have completed our fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) penetration test and vulnerability assessment.  The objective of this evaluation was to test and verify the technical implementation of a limited set of security controls on judgmentally selected U.S. Department of Housing and Urban Development (HUD) information systems and applications.HUD demonstrated successes in securely…

From 2001 to 2022, the Community Development Block Grant - Disaster Recovery program provided almost $98 billion to states, cities, counties, and territories to help them recover from disasters.  Administering disaster recovery has been a recurring U.S. Department of Housing and Urban Development (HUD) top management challenge since 2018.  Therefore, we audited the disaster recovery program to determine whether the Office of…

We performed an audit examining HUD’s efforts to prevent duplication of benefits when using Community Development Block Grant (CDBG) Disaster Recovery and Mitigation funds.  Our objective was to determine how the U.S. Department of Housing and Urban Development (HUD) assesses the adequacy of grantee procedures to prevent a duplication of benefits, both before and after grant execution. HUD certified grantees’ high-level processes…

We performed an audit related to the U.S. Department of Housing and Urban Development’s (HUD) Disaster Recovery Data Portal.  The Disaster Recovery Data Portal is a technological solution planned by HUD to facilitate the rapid and secure transmission of data from the Federal Emergency Management Agency (FEMA) to HUD’s Community Development Block Grant Disaster Recovery grantees.  We performed the work because HUD needs a…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation…

The Federal Information Security Modernization Act of 2014 (FISMA) requires all federal agencies to conduct independent security technical verification testing on a sampling of information systems annually.  In conjunction with our fiscal year 2021 FISMA evaluation (2021-OE-0001), we conducted a targeted security testing assessment of sample systems that resulted in a Topic Brief.  The objective of this application…

We audited the U.S. Department of Housing and Urban Development (HUD), Office of Community Planning and Development’s (CPD) oversight and monitoring of its Community Development Block Grant Disaster Recovery (CDBG-DR) slow-spending grantees.  This was a self-initiated audit consistent with our oversight activities and current top priority areas.  Our objective was to assess CPD’s monitoring and oversight tools related to the…