Enforce the requirement for all HUD web applications and services to be approved and authorized by OCIO. The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials. Corrective Action Taken In January 2023, HUD's Office of the Chief Information Officer developed and released a Web Applications Directive to all HUD program…

This report is for informational purposes only and does not represent an OIG perspective or position. The Robert T. Stafford Disaster Relief and Emergency Assistance Act was designed to bring an orderly and systematic means of Federal disaster assistance for State and local governments to carry out their responsibilities to aid citizens.  Although, State and local governments may carry out their responsibilities in an orderly and…

We audited the U.S. Department of Housing and Urban Development’s (HUD) procurement of major service contracts by the Office of the Chief Procurement Officer (OCPO) as part of our fiscal year 2016 audit plan and due to a hotline complaint regarding a contract for scanning services.  Our audit objective was to determine whether HUD had adequate procedures in place to plan and monitor major service contracts to prevent waste and abuse. HUD’s…

The Digital Accountability and Transparency Act of 2014 (DATA Act) and implementation guidance provided in the Office of Management and Budget Memorandum M-15-12 mandates that Federal agencies must report their financial, budgetary and programmatic information to the USASpending.gov web site by the statutory May 2017 deadline. In our second of two Data Act Readiness Reviews, OIG reviewed the U.S. Department of Housing and Urban Development’s (…

We reviewed the general and application controls over the Federal Housing Administration’s (FHA) Single Family Premiums Collection Subsystem – Periodic (SFPCS-P) and Single Family Acquired Asset Management System (SAMS) as part of the internal control assessments required for the fiscal year 2016 financial statement audit under the Chief Financial Officer’s Act of 1990.  Our objective was to review the general and application controls over…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

We audited HUD’s compliance with the fiscal year 2015 travel and purchase card programs based on our required fiscal year 2014 risk assessment, which determined the U.S. Department of Housing and Urban Development’s (HUD) agencywide charge card program to be at medium risk for fraud. Offices of inspector general are required to (1) conduct periodic assessments of the agency charge card programs, (2) perform analyses or audits as necessary, and…

The Office of Hospital Facilities (OHF) provides mortgage insurance for acute care hospitals.  The insurance it provides reduces risk to lenders and lowers borrowing costs for hospitals.  As of May 2016, the unpaid principal balance for its 105 insured mortgages was approximately $7 billion. OHF collects and generates many records to support its mission.  These records include application materials, internal reports, and…

We reviewed the general and application controls over the Federal Housing Administration’s (FHA) Single Family Insurance System (SFIS) and Single Family Insurance Claims Subsystem (Claims) as part of the internal control assessments required for the fiscal year 2015 financial statement audit under the Chief Financial Officer’s Act of 1990. Our objective was to assess the general and application controls over SFIS and Claims for compliance with…

The Digital Accountability and Transparency Act of 2014 (DATA Act), and implementing guidance provided in the Office of Management and Budget Memorandum M-15-12, is a mandate that Federal agencies must follow to report their financial, budgetary and programmatic information to the USASpending.gov web site.  We have reviewed the U.S. Department of Housing and Urban Development’s (HUD) compliance efforts as of July 15, 2016.  To…

We audited the U.S. Department of Housing and Urban Development’s (HUD) oversight of the Government National Mortgage Association’s (Ginnie Mae) contract for financial industry and media marketing services with public relations and communications firm Burson-Marsteller.  We initiated the audit after we became aware of potential issues regarding the amount of funds used for services, which may not have been reasonable or necessary. …

Due to deficiencies found in prior reviews of two Intergovernmental Personnel Act (IPA or Act) assignments, we audited the U.S. Department of Housing and Urban Development’s (HUD) implementation and oversight of the IPA mobility program. The audit objectives were to determine whether (1) HUD’s use of IPA agreements met the purpose and intent of the IPA mobility program, (2) HUD’s policies and procedures related to IPA agreements were adequate…

Contractors comprise around half of HUD’s workforce. We reviewed progress HUD had made in addressing previously identified background investigation issues. Personnel Security Division (PSD) had reduced the backlog of suitability adjudication cases, but on average it took about four times longer than the Office of Personnel Management standard of 90 days to complete a case—resulting in several hundred contractor employees working at HUD without…

We assessed the HUD Office of the Chief Procurement Officer’s acquisition improvement initiatives. HUD has faced many acquisition challenges over the years and we found HUD had made progress in addressing those challenges. We observed that HUD had not developed a sound, cohesive strategy to address improvement initiatives, offices did not communicate or coordinate effectively, and offices did not agree on the best way to address acquisitions…

We reviewed the general and application controls over the Federal Housing Administration’s (FHA) Single Family Insurance System (SFIS) and Single Family Insurance Claims subsystem (Claims) as part of the internal control assessments required for the fiscal year 2015 financial statement audit under the Chief Financial Officer’s Act of 1990.  Our objective was to evaluate the general and application controls over SFIS and Claims for…

The Federal Information Security Modernization Act of 2014 (FISMA) directs the Office of Inspector General (OIG) to conduct an annual evaluation of the U.S. Department of Housing and Urban Development (HUD) information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and…

We reviewed information system controls over the U.S. Department of Housing and Urban Development’s (HUD) computing environment.  This review was conducted as part of the Office of Inspector General’s audit of HUD’s financial statements for fiscal year 2015 under the Chief Financial Officer’s Act of 1990. The OIG has determined that the contents of this report would not be appropriate for public disclosure and has therefore limited its…

Office of Evaluation, IT Evaluation Division (iTED) conducted an evaluation of HUD’s IT Modernization program, which included reviews on the implementation and maturity of HUD’s capital planning and investment control (CIPIC) process and Enterprise Architecture (EA) program. With the corroboration of HUD’s Office of Chief Information Officer (OCIO), the report focuses on three major IT programs and policies within the CPIC and EA programs: IT…

The Office of Evaluation performed preliminary research of the HUD Office of the Chief Information Officer’s (OCIO) management of the agency’s reporting of financial and project information on the Federal IT Dashboard (Dashboard).  The objective of the evaluation was to determine if OCIO processes ensured accurate IT investment information was reported on the Dashboard.  We found that project managers did not consistently follow…

We reviewed information system controls over the U.S. Department of Housing and Urban Development’s (HUD) computing environment.  This review was conducted as part of the Office of Inspector General’s audit of HUD’s financial statements for fiscal year 2014 under the Chief Financial Officer’s Act of 1990. The OIG has determined that the contents of this report would not be appropriate for public disclosure and has therefore limited its…