Opportunities for Improvement within CPD's Risk Management Process for Hurricane Sandy Grants

Date Issued: 
Wednesday, March 29, 2017
Publication/Report Type: 
Inspections & Evaluations
Report Number: 
Program Area(s): 
Community Development Block Grant, Community Planning and Development, Disaster
District of Columbia

The Office of Community Planning and Development (CPD) manages $15.2 billion in disaster recovery funding appropriated by Congress in the Disaster Relief Appropriations Act of 2013 (Sandy Supplemental). CPD distributed the funds to 34 grantees as Community Development Block Grants-Disaster Recovery (CDBG-DR).

CPD uses a risk analysis process to rank grantees that pose the greatest risk to the integrity of its programs. According to CPD, the risk analysis results guide how the monitoring phase of the risk management process is conducted. After CPD management certifies the risk analysis results, management develops a monitoring strategy. By monitoring grantees, CPD aims to ensure that a grantee performs and delivers on the terms of the grant while reducing the possibility of fraud, waste, and mismanagement.

Risk management includes the identification and assessment of potential risk variables that may have a negative impact on the execution of a program. By identifying and assessing risk, program offices are able to target resources more effectively, monitor known risks, and mitigate adverse program effects.

We observed that (1) the risk analysis worksheet did not consider risk related to performance outputs, (2) the risk analysis did not consider the likelihood of risk events occurring, (3) no clear correlation between the risk analysis and monitoring existed, (4) CPD made limited use of data analytics in its risk management process, and (5) CPD staff were not trained to conduct a risk analysis.

We recommend that the Director for the Office of Field Management (1) ensure that the CDBG-DR risk analysis worksheet includes risk factors that show the measurement of performance outputs to determine what activities were completed, and (2) update the risk analysis guidance for CDBG-DR grants to include the assessment of the likelihood of risk occurrence to help management identify which critical risks to address during monitoring. We also recommend that the Director for the Disaster Recovery and Special Issues Division ensure that monitoring strategies correlate to the high-risk areas identified during the risk analysis and are in compliance with the four central categories identified in HUD’s Monitoring Desk Guide.

Finally, we recommend that the General Deputy Assistant Secretary for the Office of CPD ensure that CPD personnel that plan for, award, and manage grants and other forms of financial assistance receive formal risk analysis training.

The online versions of nearly all OIG documents are presented in Adobe's Portable Document Format (PDF). To view documents, you can download Adobe Reader for free.