In accordance with the mandated work in FISMA, we are conducting the annual evaluation of information security practices, policies, and procedures established by HUD and the HUD Office of the Chief Information Officer. As part of the evaluation, we will also review 8 sample systems within 7 HUD program offices. Two products will result from our work; the mandated DHS CyberScope FISMA IG metrics report and a narrative report.

HUD OIG is evaluating the Offices of Public and Indian Housing and  Multifamily Housing Program’s policies for radon. Radon is the second leading cause of lung cancer after smoking, and it is the number one cause of lung cancer among non-smokers.

HUD OIG is evaluating HUD’s hiring efficiency.  HUD included improving hiring and human capital functions as a strategic objective in its Fiscal Year (FY) 2018-2022 Strategic Plan, and OIG has identified Human Capital as a Top Management Challenge for HUD in FY 2020.

HUD OIG is evaluating  HUD’s efforts to identify and mitigate resident risks for its properties on or near Superfund National Priorities List (NPL) sites and non-NPL sites with lead contamination.  We initiated this evaluation due to the lead poisoning of residents in an East Chicago, IN, public housing complex and the possibility that residents in thousands of U.S. Department of Housing and Urban Development (HUD)-funded properties across the Nation face health risks because they are living on or near other contaminated sites.

HUD OIG is conducting research to assess the U.S. Department of Housing and Urban Development (HUD)’s information technology (IT) infrastructure’s preparedness and capability to support mass mandatory telework due to the coronavirus disease of 2019 (COVID-19). This also included assessing for compliance with HUD information technology policies and Federal information system security requirements.  The CARES Act provided HUD with approximately $12 billion to mitigate the effects of the COVID-19 crisis and the ability to waive certain requirements.

HUD OIG is auditing the Federal Housing Administration’s (FHA) Home Equity Reverse Mortgage Information Technology (HERMIT) system as part of the internal control assessments required for the fiscal year 2019 financial statement audit under the Chief Financial Officer’s Act of 1990.  HERMIT provides an end-to-end solution (loan origination to disposition) on the Home Equity Conversion Mortgage (HECM) case-processing activities and assists FHA in efficiently managing the HECM portfolio.

HUD OIG has contracted with CliftonLarsonAllen LLP (CLA) to conduct the FHA financial statement audit for the fiscal year(s) ended September 30, 2020, to express an opinion on the financial statements, as well as to report any significant deficiencies and material weaknesses in internal control over financial reporting, and report on the results of their tests of compliance with laws, regulations, contracts, grant agreements, and other matters, if applicable.

HUD OIG has contracted with CliftonLarsonAllen LLP (CLA) to conduct the Ginnie Mae financial statement audit for the fiscal year(s) ended September 30, 2020, to express an opinion on the financial statements, as well as to report any significant deficiencies and material weaknesses in internal control over financial reporting, and report on the results of their tests of compliance with laws, regulations, contracts, grant agreements, and other matters, if applicable.

HUD OIG has contracted with CliftonLarsonAllen LLP (CLA) to conduct the HUD consolidated financial statement audit for the fiscal year(s) ended September 30, 2020, to express an opinion on the consolidated financial statements, as well as to report any significant deficiencies and material weaknesses in internal control over financial reporting, and report on the results of their tests of compliance with laws, regulations, contracts, grant agreements, and other matters, if applicable.

HUD OIG is reviewing HUD’s fraud risks identified for funds received from the Coronavirus Aid Recovery and Economic Stability Act for the Community Development Block Grant (CDBG) and Emergency Solutions Grant (ESG) programs.  Our objective will be to gain an understanding of HUD’s fraud risk management practices and the fraud risks HUD has identified for the CDBG and ESG funds appropriated under the CARES Act and develop an inventory of fraud risks not already identified by HUD.