The Federal Information Security Management Act of 2002 (FISMA) directs the Office of Inspector General (OIG) to conduct an annual evaluation of the U.S. Department of Housing and Urban Development (HUD) information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and…

Federal organizations have a fundamental responsibility to protect the privacy of individuals and their personally identifiable information (PII) that is collected, used, maintained, shared, and disposed of by agency programs and information systems. The management of U.S. Department of Housing and Urban Development (HUD) programs demands the availability and use of extensive amounts of financial, demographic, and personal information. HUD is…

We reviewed the U.S. Department of Housing and Urban Development’s (HUD) violation report regarding the misuse of a government purchase card in accordance with the Office of Management and Budget’s (OMB) implementing guidance and the Government Charge Card Abuse Prevention Act of 2012.   HUD is responsible for the violation report and the conclusions expressed in the report.  Our objective was to evaluate the fairness of the…

The U.S. Department of Housing and Urban Development’s (HUD), Office of Inspector General reviewed HUD’s oversight of contracting for architectural and engineering contracts due to a referral involving a multi-State manufactured home inspection contract awarded by HUD in which the contractor received excessive payments.  Our audit objective was to determine whether HUD properly procured and made reasonable payments for its manufactured…

The Federal Information Security Management Act of 2002 (FISMA) directs the Office of Inspector General (OIG) to conduct an annual evaluation of the U.S. Department of Housing and Urban Development (HUD) information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and…

We conducted an evaluation of the U.S. Department of Housing and Urban Development’s (HUD) toll free phone lines.  Our objective was to determine whether HUD’s phone lines were functioning at optimal levels with regard to phone line operations and the level of customer service provided to the public. Our review disclosed that HUD could not determine (1) whether its toll free phone lines were functioning at an optimal level and (2) the…

We audited the U.S. Department of Housing and Urban Development’s (HUD)’s plans and procedures for data conversion of the HUD Integrated Core Financial System (ICFS). Our audit objective was to review HUD’s readiness to fully implement ICFS and determine whether HUD had properly managed the payments related to data conversion activities. We determined that OCFO incorrectly paid the Integrated Financial Management Improvement Project contractor…

We have completed a review to determine whether HUD followed proper policies and procedures in responding to a breach of personally identifiable information which occurred on September 21, 2012. Specifically, for this incident, we identified what actions were taken and any deficiencies within HUD policies, plans, or current practices. We determined that HUD responded to the incident properly, following United States Computer Emergency…

The U.S. Department of Housing and Urban Development’s (HUD) Office of Inspector General audited the Office of the Chief Human Capital Officer based on concerns about security risks of hard drives in multifunction devices. Our objective was to determine whether HUD had documented and implemented procedures to effectively remove sensitive data from the hard drives of multifunction devices before disposing of them. HUD did not monitor or test the…

We audited Gloucester Township, NJ's administration of its Community Development Block Grant funds that it received under the American Recovery and Reinvestment Act of 2009. We selected the Township for an audit because we received two complaints alleging that it misused stimulus funds and overpaid for services and because of our mandate to audit Recovery Act activities. Our audit objective was to determine whether the Township obligated…

In response to a request for review from the Office of the Department Operations and Coordination, we are auditing the Office of Labor Relations (Labor Relations) wage restitution and deposit process. We found Labor Relations has weak internal controls over their Deposit account. Our objective was to gain an understanding of the deposit process and determine whether the controls used to administer and distribute restitution payments were…

We audited the U.S. Department of Housing and Urban Development’s (HUD) management procedures, practices, and controls related to the Recovery Act Management and Reporting System (RAMPS). Our objective was to assess its capability to record and provide data required by the American Recovery and Reinvestment Act of 2009 on which HUD is required to report. Overall, RAMPS had the capability to record Recovery Act data and produce the reports…

We audited the Office of the Chief Procurement Officer’s (procurement office) procedures for closing out completed and expired Government National Mortgage Association (Ginnie Mae) contracts in compliance with applicable regulations. This audit was part of our audit plan for fiscal year 2010. Our objective was to determine whether the procurement office performed timely closeouts on completed and expired Ginnie Mae contracts. The procurement…

We audited the Office of the Chief Procurement Officer’s (procurement office) administration of interagency agreements (IAAs). This audit was part of our fiscal year 2010 audit plan because of congressional hearings on the use and management of IAAs throughout the Federal Government. Our objective was to determine whether the U.S. Department of Housing and Urban Development (HUD) effectively administered its IAAs and the costs to procure these…

We have completed an audit of the U.S. Department of Housing and Urban Development’s (HUD) information security program. We evaluated whether HUD’s Office of the Chief Information Officer (OCIO) had developed security policies, implemented procedures, and continuously monitored its entitywide information system security program. We performed this audit because it is a required component of our fiscal year 2010 consolidated financial statements…

We audited the U.S. Department of Housing and Urban Development’s (HUD) process for hiring employees in accordance with Office of Personnel Management (OPM) guidelines. The audit was initiated due to concerns about whether HUD addressed the staffing needs of its Homeownership Centers in a timely manner to address significant increases in single family mortgage workload. Our audit objective was to determine whether HUD effectively hired…

We audited the Office of the Chief Procurement Officer’s (procurement office) procedures for administering completed and expired contracts in compliance with applicable regulations. Our objective was to determine whether the procurement office performed contract closeout procedures on completed and expired contracts in a timely manner. We expanded our objective to determine whether the contract files were complete and properly maintained. We…

We performed an audit of the U.S. Department of Housing and Urban Development’s (HUD) property and equipment. We performed this audit as a result of recurring findings relating to HUD’s property and equipment reported in the fiscal years 2004 through 2008 management letters. Our objective was to determine whether HUD properly recorded and tracked the acquisition and disposal of its capitalized and other accountable property and equipment. We…

We audited HUD's process for monitoring recipient reporting for the American Recovery and Reinvestment Act of 2009 (Recovery Act). The Recovery Accountability and Transparency Board (Board), created by the Recovery Act, has required the Inspector General community to evaluate Federal agencies' process for monitoring recipient reporting of Recovery Act funds for the quarter ending September 30, 2009. The audit reports are to be issued…

The HUD Inspector General Office the management procedures, practices, and controls related to the Recovery Act Management and Reporting System (RAMPS) to assess compliance with reporting requirements under the American Recovery and Reinvestment Act (Recovery Act). The audit found that HUD had taken actions to comply with the reporting requirements under the Recovery Act. However, HUD’s effort to implement procedures, practices, and controls…