Require all system owners to review the records retention practices for each information system and take any corrective actions necessary to ensure adherence to the applicable records retention schedule

A. Issue a clean desk policy prohibiting unattended and unsecured sensitive data in workplaces. B. Implement procedures to enforce the clean desk policy.

Direct PIH and OCIO to develop a comprehensive project plan, documenting the milestones and dates for addressing the gaps in ONAP-LOS capabilities (functionality and reports) and the 25 recommendations made during HUD OCIO's project health assessment

Direct all stakeholders to identify all viable options to securely resolve the ONAP-LOS access issues, so authorized Section 184 lenders can access the system. The best solution should not impose unacceptable risk to business processes or sensitive data. Current program offices involved are OCIO, PIH, and FHA, while others may also be identified

Direct PIH and OCIO to ensure that the Section 184 program transitions away from dependency on CHUMS.

Continue to develop required ONAP-LOS capabilities using cloud environments as appropriate

Coordinate and participate in resolving all open recommendations from evaluation report IT System Management and Oversight of the Section 184 Program (2018-OE-0004)

Create agreements and strategies with other program offices that describe when cross-programmatic reviews and enforcement actions against PHAs are required.

Train PIH officials on the authority and processes for declaring PHAs in substantial default and for taking PHAs into HUD possession.

Update and strengthen the training program for HUD receivers of PHAs.

Update procedures for receiverships to include specific guidance on when initiating a receivership may be appropriate.

Update the occupant emergency plan so that it lists the ways occupants are to report fires or other emergencies

Periodically provide training on the occupant emergency plan once it is updated

Create a process to help ensure that fire drills for the Weaver Building occur every year

Conduct a study to project HUD’s capacity needs for ESI collections

Give its completed study to OCIO for consideration during future contract award decisions regarding E-Discovery services

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.