The Federal Information Security Modernization Act of 2014 (FISMA) requires all Federal agencies to conduct independent penetration tests and vulnerability assessments on a sampling of information systems annually.  In conjunction with our fiscal year 2022 FISMA evaluation (2022-OE-0001), we conducted a targeted penetration test and vulnerability assessment of sample systems that resulted in a Topic Brief.  The objective of this…

The Inspector General Act of 1978 requires the Inspector General to prepare semiannual reports summarizing the activities of the Office of Inspector General for the preceding six-month period. The semiannual reports are intended to keep the Secretary and Congress fully informed of significant findings, progress the Agency has made, and recommendations for improvement. Open Recommendations Office of Audit Office of Evaluation…

We contracted with the independent public accounting firm of CliftonLarsonAllen LLP (CLA) to audit the financial statements of HUD as of and for the fiscal years ended September 30, 2022 and 2021, and to provide reports on HUD’s 1) internal control over financial reporting; and 2) compliance with laws, regulations, contracts, and grant agreements and other matters, including whether financial management systems complied substantially with the…

We contracted with the independent public accounting firm of CliftonLarsonAllen LLP (CLA) to audit the financial statements of Ginnie Mae as of and for the fiscal years ended September 30, 2022 and 2021, and to provide reports on Ginnie Mae’s 1) internal control over financial reporting; and 2) compliance with laws, regulations, contracts, and grant agreements and other matters. Our contract with CLA required that the audit be performed in…

We audited the U.S. Department of Housing and Urban Development’s (HUD) Title VIII complaint intake data and jurisdictional determinations recorded in the HUD Enforcement Management System (HEMS).  We initiated this audit to assist HUD with identifying opportunities to improve its data collection and jurisdiction determination process.  Our audit objective was to assess HUD’s Title VIII fair housing complaint intake process for…

We audited the U.S. Department of Housing and Urban Development’s (HUD) fraud risk management program at the enterprise and program-office levels and assessed its overall maturity.  Our objective was to determine HUD’s progress in implementing a fraud risk management framework at the enterprise and program-office levels that encompasses control activities to prevent, detect, and respond to fraud. The Antifraud Playbook established by the…

We performed a review of the U.S. Department of Housing and Urban Development’s (HUD) monitoring and tracking of Continuum of Care (CoC) grantees that have been slow to spend their grant funds.  Our objectives were to determine whether HUD was effectively tracking and monitoring CoC grant spending and to determine the impact of COVID-19 on CoC grantee spending.HUD generally tracked and monitored its grantees; however, it did not prioritize…

As part of a Council of the Inspectors General on Integrity and Efficiency (CIGIE) Disaster Assistance Working Group cross-cutting initiative, we summarized the conclusions, findings, and recommendations of 28 reports related to the Federal Government’s natural disaster preparedness and response issued by 7 Offices of Inspector General (OIGs).  The seven participating OIGs included U.S. Departments of Defense, Health and Human…

We audited the U.S. Department of Housing and Urban Development (HUD), Office of Native American Programs’ sale of defaulted loan notes and real estate-owned (REO) properties on tribal trust and other restricted lands. We performed this audit as a result of congressional interest in the Section 184 program and work performed during prior HUD, Office of Inspector General, audits. The objective of our audit was to determine whether HUD…

We audited the U.S. Department of Housing and Urban Development’s (HUD) efforts to meet the Geospatial Data Act of 2018 (the Act).Our audit objective was to determine whether HUD met the 13 responsibilities stated in the Act with regard to its collection, production, acquisition, maintenance, distribution, use, and preservation of geospatial data.  The Act also generally requires covered agencies provide access to geospatial data and…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

In coordination with the Pandemic Response Accountability Committee, we conducted an audit to identify potential fraud schemes that could affect HUD’s pandemic funds.  We reviewed the funds appropriated by the Coronavirus Aid, Relief, and Economic Security (CARES) Act and the American Rescue Plan (ARP) Act for the Tenant-Based Rental Assistance (TBRA), Project-Based Rental Assistance (PBRA), HOME Investment Partnerships, and Public Housing…

We audited the U.S. Department of Housing and Urban Development’s (HUD) Community Development Block Grant Coronavirus Aid, Relief, and Economic Security (CARES) Act program.Our audit objective was to determine what challenges grantees faced in using program funds for activities that prepare for, prevent, or respond to the coronavirus and its impact.  We used a survey questionnaire to gather feedback and insight directly from 1,047 program…

“According to the Centers for Disease Control and Prevention (CDC), lead-based paint and lead-contaminated dust are some of the most widespread and hazardous sources of lead exposure for young children in the United States.  When lead-based paint peels and cracks, it results in lead-contaminated paint chips and dust.  Children can be poisoned if they chew on surfaces coated with lead-based paint, eat flaking paint chips, or eat or…

We completed a corrective action verification (CAV) of recommendations from prior Office of Inspector General (OIG) audit reports on the U.S. Department of Housing and Urban Development’s (HUD) government purchase cards and government travel cards, both issued January 31, 2020. During our CAV, we followed up on all 10 recommendations from OIG audit report 2020-KC-0001 and all 13 recommendations from OIG audit report 2020-KC-0002. Our CAV…

We audited the U.S. Department of Housing and Urban Development’s (HUD) fiscal year 2021 compliance with the Payment Integrity Information Act of 2019 (PIIA) and implementation of Office of Management and Budget (OMB) guidance.  PIIA was enacted to prevent and reduce improper payments and require each agency’s inspector general to perform an annual review of the agency’s compliance with PIIA.  Our objectives were to assess (1) whether…

Develop a control to detect loans that did not maintain the required flood insurance to put $1.5 billion to better use by avoiding potential future costs to the FHA insurance fund from inadequately insured properties. Corrective Action Taken In November 2022, FHA published the Acceptance of Private Flood Insurance for FHA-Insured Mortgages final rule (Docket No. FR-6084-F-02) in the Federal Register and issued Mortgagee Letter 2022-18,…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

The Federal Information Security Modernization Act of 2014 (FISMA) requires all federal agencies to conduct independent security technical verification testing on a sampling of information systems annually.  In conjunction with our fiscal year 2021 FISMA evaluation (2021-OE-0001), we conducted a targeted security testing assessment of sample systems that resulted in a Topic Brief.  The objective of this application vulnerability…

We audited the U.S. Department of Housing and Urban Development’s (HUD) oversight of its public housing agencies’ (PHA) reasonable accommodation policies and procedures.  We initiated this audit because we identified an increase in housing discrimination complaints based on a failure to provide a reasonable accommodation, even as the total number of all housing discrimination complaints was decreasing.  Our audit objective was to…