Search
Fiscal Year 2021 Federal Information Security Modernization Act (FISMA) Evaluation Report
The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to…
February 17, 2022
Report
#2021-OE-0001
Fiscal Year 2021 Federal Information Security Modernization Act (FISMA) Evaluation Security Technical Testing Topic Brief
The Federal Information Security Modernization Act of 2014 (FISMA) requires all federal agencies to conduct independent security technical verification testing on a sampling of information systems annually. In conjunction with our fiscal year 2021 FISMA evaluation (2021-OE-0001), we conducted a targeted security testing assessment of sample systems that resulted in a Topic Brief. The objective of this application vulnerability…
February 15, 2022
Topic Brief
#2021-OE-0001a
HUD’s Processes for Managing IT Acquisitions
We reviewed the U.S. Department of Housing and Urban Development’s (HUD) ability to effectively complete information technology (IT) acquisitions. HUD’s IT systems and its modernization plans depend heavily on contractors, yet HUD has historically faced significant challenges with implementing effective acquisition processes. Therefore, HUD’s acquisition capacity represents a key potential risk within HUD’s IT environment. We found…
November 17, 2021
Report
#2020-OE-0004
HUD Program Offices’ Policies and Approaches for Radon
HUD does not have a departmentwide policy for dealing with radon contamination. Instead, HUD relies on each program office to develop radon policies that align with HUD’s environmental regulations. The three program offices reviewed do not have consistent radon policies. Only Multifamily’s radon policy includes radon testing and mitigation requirements. PIH’s policy strongly encourages but does not require public housing agencies (…
April 12, 2021
Report
#2020-OE-0003
Final Action Memorandum: Purchaser of HUD-Insured Single-Family Property Settled Allegations of Causing the Submission of a False Claim
The U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG), reviewed preforeclosure sales under the Federal Housing Administration (FHA) program in the St. Louis, MO, area. We found that the purchaser of a property being sold in a preforeclosure sale entered into a consulting agreement with the realtor. The agreement required that when the purchaser later sold the property, he would pay half of the…
February 22, 2017
Memorandum
#2017-KC-1801