We completed a risk assessment of the U.S. Department of Housing and Urban Development’s (HUD) grant closeout process as required by the Grants Oversight and New Efficiency (GONE) Act of 2016, Public Law 114-117.  Our objective was to determine whether an audit or review of HUD’s grant closeout process was warranted.  We found that a moderate risk was associated with HUD’s grant closeout process and recommend that a full audit be…

We audited information system controls over the U.S. Department of Housing and Urban Development’s (HUD) computing environment.  This review was conducted as part of our audit of HUD’s financial statements for fiscal year 2017 under the Chief Financial Officer’s Act of 1990.  Our objective was to assess general controls over HUD’s computing environment for compliance with HUD information technology policies and Federal information…

The U.S. Department of Housing and Urban Development, Office of Inspector General (HUD OIG), has completed its annual risk assessment of HUD’s charge cards as required by the Government Charge Card Abuse Prevention Act of 2012, Public Law 112-194, and Office of Management and Budget (OMB) Memorandum M-13-21.  Our objective was to analyze the risks of illegal, improper, or erroneous purchases in HUD’s fiscal year 2016 travel and purchase…

This briefing paper highlights challenges the Department of Housing and Urban Development (HUD) faces in managing and improving its Information Technology (IT) program.  This document analyzed past HUD OIG and GAO IT related reports and recommendations to highlight key management challenges in HUD’s IT program. We are highlighting these challenges so HUD leadership is aware of and can be better prepared to address them. The OIG has…

In accordance with the statutory requirements of the Digital Accountability and Transparency Act of 2014 (DATA Act) and standards established by the Office of Management and Budget (OMB), we audited the U.S. Department of Housing and Urban Development’s (HUD) Office of the Chief Financial Officer’s (OCFO) compliance with the DATA Act for the second quarter of fiscal year 2017. In the DATA Act Compliance Audit of the U.S. Department of Housing…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

The U.S. Department of Housing and Urban Development (HUD), Office of Inspector General audited the HUD’s travel and purchase card programs for fiscal year 2016 based on (1) our annual risk assessment of these programs and (2) our requirement under the Charge Card Abuse Prevention Act of 2012 to periodically review government travel and purchase cards.  The most recent risk assessment found that there was a moderate risk of illegal,…

Enforce the requirement for all HUD web applications and services to be approved and authorized by OCIO. The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials. Corrective Action Taken In January 2023, HUD's Office of the Chief Information Officer developed and released a Web Applications Directive to all HUD program…

The Digital Accountability and Transparency Act of 2014 (DATA Act) and implementation guidance provided in the Office of Management and Budget Memorandum M-15-12 mandates that Federal agencies must report their financial, budgetary and programmatic information to the USASpending.gov web site by the statutory May 2017 deadline. In our second of two Data Act Readiness Reviews, OIG reviewed the U.S. Department of Housing and Urban Development’s (…

In accordance with the Chief Financial Officers Act of 1990, as amended, we are required to annually audit the consolidated financial statements of the U.S. Department of Housing and Urban Development (HUD). HUD reissued its fiscal year 2016 and 2015 (Restated) consolidated financial statements due to pervasive material errors that were identified by us. Our objective was to express an opinion on the fairness of HUD’s consolidated…

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess…

We audited HUD’s compliance with the fiscal year 2015 travel and purchase card programs based on our required fiscal year 2014 risk assessment, which determined the U.S. Department of Housing and Urban Development’s (HUD) agencywide charge card program to be at medium risk for fraud. Offices of inspector general are required to (1) conduct periodic assessments of the agency charge card programs, (2) perform analyses or audits as necessary, and…

The Digital Accountability and Transparency Act of 2014 (DATA Act), and implementing guidance provided in the Office of Management and Budget Memorandum M-15-12, is a mandate that Federal agencies must follow to report their financial, budgetary and programmatic information to the USASpending.gov web site.  We have reviewed the U.S. Department of Housing and Urban Development’s (HUD) compliance efforts as of July 15, 2016.  To…

The Federal Information Security Modernization Act of 2014 (FISMA) directs the Office of Inspector General (OIG) to conduct an annual evaluation of the U.S. Department of Housing and Urban Development (HUD) information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and…

We reviewed information system controls over the U.S. Department of Housing and Urban Development’s (HUD) computing environment.  This review was conducted as part of the Office of Inspector General’s audit of HUD’s financial statements for fiscal year 2015 under the Chief Financial Officer’s Act of 1990. The OIG has determined that the contents of this report would not be appropriate for public disclosure and has therefore limited its…

Office of Evaluation, IT Evaluation Division (iTED) conducted an evaluation of HUD’s IT Modernization program, which included reviews on the implementation and maturity of HUD’s capital planning and investment control (CIPIC) process and Enterprise Architecture (EA) program. With the corroboration of HUD’s Office of Chief Information Officer (OCIO), the report focuses on three major IT programs and policies within the CPIC and EA programs: IT…

The Office of Evaluation performed preliminary research of the HUD Office of the Chief Information Officer’s (OCIO) management of the agency’s reporting of financial and project information on the Federal IT Dashboard (Dashboard).  The objective of the evaluation was to determine if OCIO processes ensured accurate IT investment information was reported on the Dashboard.  We found that project managers did not consistently follow…

We reviewed information system controls over the U.S. Department of Housing and Urban Development’s (HUD) computing environment.  This review was conducted as part of the Office of Inspector General’s audit of HUD’s financial statements for fiscal year 2014 under the Chief Financial Officer’s Act of 1990. The OIG has determined that the contents of this report would not be appropriate for public disclosure and has therefore limited its…

We reviewed the general and application controls over the U.S. Department of Housing and Urban Development’s (HUD) Loan Accounting System (LAS) as part of the internal control assessments required for the fiscal year 2014 financial statement audit under the Chief Financial Officer’s Act of 1990.  Our objective was to review the effectiveness of general and application controls over LAS for compliance with HUD information technology…

The Federal Information Security Management Act of 2002 (FISMA) directs the Office of Inspector General (OIG) to conduct an annual evaluation of the U.S. Department of Housing and Urban Development (HUD) information security program.  FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and…