FHA Catalyst PII Risk Management in a Zero Trust Environment Interim Report
Housing should include zero trust requirements as part of the Housing Strategic Roadmap for Housing Modernization.
Open Recommendation
FHA Catalyst PII Risk Management in a Zero Trust Environment Interim Report
Housing should refine access controls within the FHA Catalyst modules that are dynamic, are tailored to user actions, and require continuous reauthentication to ensure that users have access only to information needed.
Open Recommendation
FHA Catalyst PII Risk Management in a Zero Trust Environment Interim Report
Housing should coordinate with HUD’s SOC to
a. Ensure that FHA Catalyst user behavior monitoring logs are regularly captured and adequately reviewed for discrepancies in user activities.
b. Establish program office responsibility for the log review process.
Open Recommendation
FY 2024 Federal Information Security Modernization Act of 2014 (FISMA) Evaluation Report
HUD OCIO should a) resolve the conflicts between its Inventory of Automated Systems (IAS) policy and web applications policy to clarify if web applications will be inventories in IAS, the web application Sharepoint site, or both; and b) implement the chosen resolution to this conflict to develop a Read More
Open Recommendation
FY 2024 Federal Information Security Modernization Act of 2014 (FISMA) Evaluation Report
HUD OCIO should implement an automated governance, risk, and compliance tool to manage risk from all sources across the three tiers of the organization in a timely manner. This recommendation updates FY 2021 FISMA recommendation number 5 (IG FISMA metrics 5, 9, and 10).
Open Recommendation
FY 2024 Federal Information Security Modernization Act of 2014 (FISMA) Evaluation Report
HUD OCIO should employ automation to maintain a timely and accurate view of security configuration information for all systems connected to its network (IG FISMA metric 20).
Open Recommendation
FY 2024 Federal Information Security Modernization Act of 2014 (FISMA) Evaluation Report
HUD OCIO should demonstrate that it can implement its defined security responses if a baseline configuration is changed without authorization. This can be shown by either a response to a real incident if one happens or through a testing exercise if there are no applicable incidents (IG FISMA Read More
Open Recommendation
FY 2024 Federal Information Security Modernization Act of 2014 (FISMA) Evaluation Report
HUD OCIO should review its security training program and determine whether it should provide general cybersecurity awareness training to external users of its systems and data (IG FISMA metric 44).
Open Recommendation
HUD's Use and Oversight of Telework and Remote Work
Implement a process to identify teleworkers most at risk of receiving incorrect locality payments, verify that their official duty stations are correct and they are reporting to their official duty stations as required, and if necessary, correct their locality payments.
Open Recommendation
Helena real estate agent admits failing to provide lead-based paint disclosures for veterans residing in rental housing at Fort Harrison
HELENA – A Helena real estate agent and property manager today admitted to failing to provide lead-based paint disclosures as required to veterans residing in housing at Fort Harrison, in Helena, which resulted in the exposure of veterans and their families to significant levels of lead, the U.S. Read More
November 05, 2024
News
Press Release
Kalispell company admits filing false claims for payment to federal agency claiming an abatement of lead paint in veterans housing at Fort Harrison
HELENA — Mold Wranglers, Inc., a Kalispell-based company that provides hazardous material mitigation services, today admitted to filing false requests for payment to the U.S. Department of Veterans Affairs claiming an abatement of lead paint was done at Freedom’s Path Fort Harrison when it was not Read More
November 05, 2024
News
Press Release
FHA Catalyst Personally Identifiable Information Risk Management in a Zero Trust Environment (2023-OE-0007a) Interim Evaluation Report
The OIG evaluated the U.S. Department of Housing and Urban Development (HUD) Office of Housing’s (Housing) progress in applying zero trust security principles to protect personally identifiable information (PII) within the Federal Housing Administration (FHA) Catalyst system.HUD was in the Read More
October 31, 2024
Report
#2023-OE-0007a
HUD Fiscal Year 2024 Federal Information Security Modernization Act Evaluation
WASHINGTON DC— Today, the U.S. Department of Housing and Urban Development’s (HUD) Office of Inspector General (OIG) issued its annual independent evaluation of the effectiveness of HUD’s information security (InfoSec) program and practices under the Federal Information Security Modernization Act Read More
October 31, 2024
News
Press Release
HUD FY 2024 Federal Information Security Modernization Act (FISMA) Evaluation Report
The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Read More
October 29, 2024
Report
#2024-OE-0002
HUD OIG Audit Memorandum: Timing of PHA’s Lead-Based Paint Visual Assessments
WASHINGTON DC— Today, the U.S. Department of Housing and Urban Development’s (HUD) Office of Inspector General (OIG) issued a memorandum highlighting how HUD can provide assistance to public housing agencies (PHA) to support timely and efficient visual assessments of lead-based paint. In Read More
October 24, 2024
News
Press Release
Timing of PHAs’ Lead-Based Paint Visual Assessments
The purpose of this memorandum is to alert the U.S. Department of Housing and Urban Development (HUD) to an issue that the Office of the Inspector General (OIG), has identified that affects the timeliness with which public housing agencies (PHA) with units that have lead-based Read More
October 23, 2024
Memorandum
#2025-CH-0801
Audit of HUD’s Compliance with Payment Integrity Information Act (PIIA) for fiscal year 2024
HUD OIG is auditing HUD's compliance with the Payment Integrity Information Act of 2019 (PIIA) for fiscal year 2024. PIIA helps agencies identify improper payments, which could impact HUD’s beneficiaries and ultimately undermines the integrity of HUD’s programs, which hinders HUD in fully achieving Read More
October 01, 2024
Work Start Notification
#FO 25 0001
Former NYCHA Superintendent Convicted Of Bribery And Extortion Offenses
In the First Trial Following a 70-Person Takedown in February 2024, Joy Harris, a Former New York City Housing Authority Superintendent, Was Convicted of Bribery and Extortion for Accepting Cash from Contractors in Exchange for Awarding ContractsDamian Williams, the United States Attorney for the Read More
October 17, 2024
News
Press Release
Top Management Challenges Facing the U.S. Department of Housing and Urban Development in FY 2025
WASHINGTON DC— Today, the U.S. Department of Housing and Urban Development (HUD) Office of Inspector General (OIG) issued its annual Top Management Challenges report for fiscal year (FY) 2025. The report highlights the most serious management and performance challenges facing the Department and Read More
October 17, 2024
News
Press Release
Top Management Challenges Facing the U.S. Department of Housing and Urban Development in FY 2025
Each year, in compliance with Public Law 106-531, the Reports Consolidation Act of 2000, the U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG), issues a report summarizing what we consider the most serious management challenges facing the Department.
October 17, 2024
Top Management Challenges