We audited the U.S. Department of Housing and Urban Development’s (HUD) Office of Community Planning and Development’s (CPD) monitoring of grantees’ compliance with civil rights requirements. Our audit focused on the Community Development Block Grant (CDBG) and the HOME Investment Partnerships Program (HOME). Our audit objective was to assess the extent to which CPD monitored civil rights compliance in its program activities.CPD could…

We have completed our fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) penetration test and vulnerability assessment.  The objective of this evaluation was to test and verify the technical implementation of a limited set of security controls on judgmentally selected U.S. Department of Housing and Urban Development (HUD) information systems and applications.HUD demonstrated successes in securely…

The Office of Community Planning and Development (CPD) traditionally uses onsite monitoring to monitor its grantees.  However, in response to the coronavirus disease 2019 pandemic, CPD shifted to 100 percent remote monitoring.  Monitoring was momentarily paused in fiscal year (FY) 2020 and was reinstituted remotely in FY 2021. To support its remote monitoring approach, CPD launched the Grantee Document Exchange (GDX), an…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation…

The Federal Information Security Modernization Act of 2014 (FISMA) requires all federal agencies to conduct independent security technical verification testing on a sampling of information systems annually.  In conjunction with our fiscal year 2021 FISMA evaluation (2021-OE-0001), we conducted a targeted security testing assessment of sample systems that resulted in a Topic Brief.  The objective of this application…

HUD OIG performed the ninth of the ongoing audits of the Lower Manhattan Development Corporation’s (LMDC’s) administration of the Community Development Block Grant (Block Grant) Disaster Recovery Assistance funds provided to the State of New York following the September 11, 2001, terrorist attacks on the World Trade Center in New York City.  HUD has allocated $2.783 billion in Disaster Recovery Assistance funds to the LMDC. …