U.S. flag

An official website of the United States government Here’s how you know

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

HUD FY 2023 Federal Information Security Modernization Act (FISMA) Evaluation Report

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies.

HUD Personal Identifiable Information Risk Management in a Zero Trust Environment

HUD OIG is performing this evaluation to assess HUD’s capability to meet privacy and data protection requirements and provide appropriate stakeholders with an understanding of any related potential risks to HUD’s data and the operational mission. The evaluation will also provide HUD an independent assessment of the level of maturity it has reached in developing the data and identify pillars of CISA's zero-trust architecture.

Fiscal Year (FY) 2024 Federal Information Security Modernization Act of 2014 (FISMA) Evaluation

HUD OIG is conducting the Fiscal Year (FY) 2024 evaluation of the HUD's information security program and practices, as required by the Federal Information Security Modernization Act of 2014 (FISMA). The objectives are to (1) assess the maturity level of HUD’s InfoSec program and practices based on the annual IG FISMA reporting metrics.

Fiscal Year 2023 Federal Information Security Modernization Act of 2014 Penetration Test Evaluation Report

We have completed our fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) penetration test and vulnerability assessment.  The objective of this evaluation was to test and verify the technical implementation of a limited set of security controls on judgmentally selected U.S.

Audit of FHA’s Fiscal Years 2023 and 2022 Financial Statements

We contracted with the independent public accounting firm of CliftonLarsonAllen LLP (CLA) to audit the financial statements of FHA as of and for the fiscal years ended September 30, 2023 and 2022, and to provide reports on FHA’s (1) internal control over financial reporting and (2) compliance with laws, regulations, contracts, and grant agreements and other matters.  Our contract with CLA required that the audit be performed in accordance with U.S.

Audit of Government National Mortgage Association’s Fiscal Years 2023 and 2022 Financial Statements

We contracted with the independent public accounting firm of CliftonLarsonAllen LLP (CLA) to audit the financial statements of Ginnie Mae as of and for the fiscal years ended September 30, 2023 and 2022, and to provide reports on Ginnie Mae’s (1) internal control over financial reporting and (2) compliance with laws, regulations, contracts, and grant agreements and other matters.  Our contract with CLA required that the audit be performed in accordance with U.S.

Audit of HUD’s Fiscal Years 2023 and 2022 Financial Statements

We contracted with the independent public accounting firm of CliftonLarsonAllen LLP (CLA) to audit the financial statements of HUD as of and for the fiscal years ended September 30, 2023 and 2022, and to provide reports on HUD’s (1) internal control over financial reporting and (2) compliance with laws, regulations, contracts, and grant agreements and other matters, including whether financial management systems complied substantially with the requirements of the Federal Financial Management Improvement Act of 1996 (FFMIA).  Our contract with CLA required that the audit be perfor

HUD's Compliance with the Payment Integrity Information Act for Fiscal Year 2023

HUD OIG is auditing HUD's compliance with the Payment Integrity Information Act of 2019 (PIIA) for fiscal year 2023. PIIA helps agencies identify improper payments, which could impact HUD’s beneficiaries and ultimately undermines the integrity of HUD’s programs, which hinders HUD in fully achieving its mission. Our objectives are to assess (1) whether HUD has met all requirements of PIIA and OMB Circular A‐123, Appendix C‐Requirements for Payment Integrity improvement and (2) HUD’s efforts to prevent and reduce improper payments.