We audited the Virgin Islands Housing Finance Authority’s monitoring of its Community Development Block Grant Disaster Recovery (CDBG-DR)-funded activities.  We initiated the audit because of the large amount of CDBG-DR funds awarded to the U.S. Virgin Islands for the 2017 disasters and to aid in the U.S. Department of Housing and Urban Development’s (HUD) strategic objective to support effectiveness and accountability in long-term disaster…

We audited the U.S. Department of Housing and Urban Development’s (HUD), oversight of Community Development Block Grant Disaster Recovery (CDBG-DR) grantees’ use of program income.  We initiated this audit in accordance with our goal of ensuring and promoting accountability and effectiveness in disaster response and recovery.  Our audit objective was to determine whether HUD ensured that program income generated from disaster funds…

We audited the Puerto Rico Department of Housing’s (PRDOH) Home Repair, Reconstruction, or Relocation (R3) program.  We initiated this audit as part of our commitment to helping the U.S. Department of Housing and Urban Development (HUD) support effectiveness and accountability in long-term disaster recovery.  Our objective was to determine whether PRDOH followed applicable program requirements when spending R3 program funds. During…

We audited the State of Georgia’s monitoring of its Community Development Block Grant Disaster Recovery (CDBG-DR) Hurricanes Harvey, Irma, and Maria (HIM) grants’ activities and subrecipients.  We initiated this audit to further HUD’s strategic objective to support effectiveness and accountability in long-term disaster recovery.  HUD awarded more than $50.9 million in disaster recovery funds to the State for the natural disasters that…

The Office of Community Planning and Development (CPD) traditionally uses onsite monitoring to monitor its grantees.  However, in response to the coronavirus disease 2019 pandemic, CPD shifted to 100 percent remote monitoring.  Monitoring was momentarily paused in fiscal year (FY) 2020 and was reinstituted remotely in FY 2021. To support its remote monitoring approach, CPD launched the Grantee Document Exchange (GDX), an externally…

We audited the Office of Community Planning and Development’s (CPD) monitoring and oversight of the Community Development Block Grant - Disaster Recovery (CDBG-DR) program.  The objective of the audit was to determine whether CPD had effectively and efficiently designed its CDBG-DR program requirements and monitoring to ensure that the grantees meet statutory and other Federal low- and moderate-income (LMI) requirements.  Generally,…

We conducted this evaluation to assess the maturity of HUD’s Robotic process automation (RPA) activities and determine whether HUD had implemented related controls to address technology and program management risks.  RPA is a software technology used to emulate human actions on a computer.  RPA software programs, referred to as “bots,” can complete repetitive tasks quickly and consistently, freeing up employees to work on other, higher…

We conducted an attestation review of the U.S. Department of Housing and Urban Development’s drug control accounting for the fiscal year ended September 30, 2022.  We performed this review pursuant to section 705(d) of Public Law 105-277, which requires National Drug Control Program agencies to submit to the Director of ONDCP a detailed accounting of all funds spent by the agencies for National Drug Control Program activities during the…

We audited the U.S. Department of Housing and Urban Development’s (HUD) information technology (IT) infrastructure to support mandatory telework. During mandatory telework, more employees simultaneously needed remote access to HUD’s network and agency resources for an extended period, which presented unique risks and security requirements. While HUD is no longer operating under mandatory telework, understanding the challenges it faced is key to…

We performed a review of the U.S. Department of Housing and Urban Development’s (HUD) monitoring and tracking of Continuum of Care (CoC) grantees that have been slow to spend their grant funds.  Our objectives were to determine whether HUD was effectively tracking and monitoring CoC grant spending and to determine the impact of COVID-19 on CoC grantee spending. HUD generally tracked and monitored its grantees; however, it did not…

As part of a Council of the Inspectors General on Integrity and Efficiency (CIGIE) Disaster Assistance Working Group cross-cutting initiative, we summarized the conclusions, findings, and recommendations of 28 reports related to the Federal Government’s natural disaster preparedness and response issued by 7 Offices of Inspector General (OIGs).  The seven participating OIGs included U.S. Departments of Defense, Health and Human Services…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

In coordination with the Pandemic Response Accountability Committee, we conducted an audit to identify potential fraud schemes that could affect HUD’s pandemic funds.  We reviewed the funds appropriated by the Coronavirus Aid, Relief, and Economic Security (CARES) Act and the American Rescue Plan (ARP) Act for the Tenant-Based Rental Assistance (TBRA), Project-Based Rental Assistance (PBRA), HOME Investment Partnerships, and Public Housing…

We audited the U.S. Department of Housing and Urban Development’s (HUD) Community Development Block Grant Coronavirus Aid, Relief, and Economic Security (CARES) Act program. Our audit objective was to determine what challenges grantees faced in using program funds for activities that prepare for, prevent, or respond to the coronavirus and its impact.  We used a survey questionnaire to gather feedback and insight directly from 1,047 program…

We audited the State of North Carolina’s Community Development Block Grant Disaster Recovery (CDBG-DR) funds.  We initiated this audit as part of our commitment to helping the U.S. Department of Housing and Urban Development (HUD) address its top management challenges and to support HUD’s strategic objective to support effectiveness and accountability in long-term disaster recovery.  Further, Congress has expressed strong interest in…

We audited the U.S. Department of Housing and Urban Development’s (HUD) Emergency Solutions Grants Coronavirus Aid, Relief, and Economic Security Act (CARES Act) (ESG-CV) program. Our audit objective was to determine what challenges ESG-CV grant recipients faced in implementing the program and using grant funds. We used a survey questionnaire to gather feedback and insight directly from the 362 recipients of ESG-CV grants. At the time we…

We audited the State of Florida’s Housing Repair and Replacement Program (HRRP), one of the programs that the State developed to address its unmet disaster recovery housing needs because of Hurricane Irma in 2017.  We audited this program due to the large amount of Community Development Block Grant Disaster Recovery (CDBG-DR) funding allocated of $346.2 million.  Our audit objective was to determine whether the State administered its…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

The Federal Information Security Modernization Act of 2014 (FISMA) requires all federal agencies to conduct independent security technical verification testing on a sampling of information systems annually.  In conjunction with our fiscal year 2021 FISMA evaluation (2021-OE-0001), we conducted a targeted security testing assessment of sample systems that resulted in a Topic Brief.  The objective of this application vulnerability…

We audited the Los Angeles Homeless Services Authority’s Continuum of Care (CoC) program.  The audit was initiated because of the homelessness crisis in the City of Los Angeles, which has the highest number of unsheltered people in the United States.  In addition, the Los Angeles city controller issued a report in 2019, criticizing the Authority for falling short of City of Los Angeles homeless outreach goals.  (See Background and…