The Office of National Drug Control Policy (ONDCP) leads and coordinates the Nation’s drug policy to improve the health and lives of the American people, including the development and implementation of the National Drug Control Strategy (the Strategy).  ONDCP evaluates the effectiveness of national drug control policy efforts, the Strategy’s goals and objectives, and each National Drug Control Program Agency’s program-level...

We audited the Puerto Rico Housing Finance Authority’s (PRHFA) Homebuyer Assistance Program (HBA), which provides eligible applicants with closing costs and downpayment assistance for the purchase of a primary residence.  The U.S. Department of Housing and Urban Development (HUD) provided its grantee, the Puerto Rico Department of Housing (PRDOH), $495 million in Community Development Block Grant Disaster Recovery funds for HBA...

We have completed our fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) penetration test and vulnerability assessment.  The objective of this evaluation was to test and verify the technical implementation of a limited set of security controls on judgmentally selected U.S. Department of Housing and Urban Development (HUD) information systems and applications.HUD demonstrated successes in securely...

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation...

The Federal Information Security Modernization Act of 2014 (FISMA) requires all federal agencies to conduct independent security technical verification testing on a sampling of information systems annually.  In conjunction with our fiscal year 2021 FISMA evaluation (2021-OE-0001), we conducted a targeted security testing assessment of sample systems that resulted in a Topic Brief.  The objective of this application...