The OIG Office of Evaluation is initiating an evaluation of the U.S. Department of Housing and Urban Development’s (HUD) Public and Indian Housing (PIH) Information Technology (IT) Modernization program. The objectives are to assess the IT Modernization process for Enterprise Voucher Management System (EVMS) and Housing Information Portal (HIP) systems that support key PIH programs.

The OIG evaluated the U.S. Department of Housing and Urban Development (HUD) Office of Housing’s (Housing) progress in applying zero trust security principles to protect personally identifiable information (PII) within the Federal Housing Administration (FHA) Catalyst system.HUD was in the beginning stages of implementing zero trust requirements for the data and identity pillars. HUD Office of Housing systems, including FHA Catalyst,...

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to...

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to...

We conducted this evaluation to assess the maturity of HUD’s Robotic process automation (RPA) activities and determine whether HUD had implemented related controls to address technology and program management risks.  RPA is a software technology used to emulate human actions on a computer.  RPA software programs, referred to as “bots,” can complete repetitive tasks quickly and consistently, freeing up employees to work on...

We audited the U.S. Department of Housing and Urban Development’s (HUD) information technology (IT) infrastructure to support mandatory telework. During mandatory telework, more employees simultaneously needed remote access to HUD’s network and agency resources for an extended period, which presented unique risks and security requirements. While HUD is no longer operating under mandatory telework, understanding the challenges it faced...

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation...

We reviewed the U.S. Department of Housing and Urban Development’s (HUD) ability to effectively complete information technology (IT) acquisitions.  HUD’s IT systems and its modernization plans depend heavily on contractors, yet HUD has historically faced significant challenges with implementing effective acquisition processes. Therefore, HUD’s acquisition capacity represents a key potential risk within HUD’s IT environment. We...

We will review HUD OCIO’s most recent IT modernization roadmap and strategy along with any other supporting documentation HUD can provide regarding modernization progress and milestones. Specifically, we will identify the various ongoing modernization projects within the roadmap and obtain documentation about the status of the individual projects. We will interview HUD officials knowledgeable about HUD’s modernization plans to confirm...

To provide the HUD Secretary, senior leadership and Congress with an overview of the current status of Information Technology (IT) at HUD, the challenges they have overcome since the first 2018 IT Brief and the challenges they continue to face.

In accordance with the mandated work in FISMA, we are conducting the annual evaluation of information security practices, policies, and procedures established by HUD and the HUD Office of the Chief Information Officer. As part of the evaluation, we will also review 8 sample systems within 7 HUD program offices. Two products will result from our work; the mandated DHS CyberScope FISMA IG metrics report and a narrative report.

HUD OIG is conducting research to assess the U.S. Department of Housing and Urban Development (HUD)’s information technology (IT) infrastructure’s preparedness and capability to support mass mandatory telework due to the coronavirus disease of 2019 (COVID-19). This also included assessing for compliance with HUD information technology policies and Federal information system security requirements.  The CARES Act provided HUD with...

In accordance with the mandated work in FISMA, we are conducting the annual evaluation of information security practices, policies, and procedures established by HUD and the HUD Office of the Chief Information Officer. As part of the evaluation, we will also review 8 sample systems within 7 HUD program offices. Two products will result from our work; the mandated DHS CyberScope FISMA IG metrics report and a narrative report.