|Text of Recommendation|| |
FHFA should reinforce, through training and supervision of DER personnel, the requirements established by FHFA, and reinforced by DER guidance, for the risk assessment and supervisory planning process. Specifically: a. Ensure that the annual supervisory strategy identifies significant risks and supervisory concerns and explains how the planned supervisory activities to be conducted during the examination cycle address the most significant risks in the operational risk assessment. (Applies to AUD-2017-010 and AUD-2017-011) b. Ensure that supervisory activities planned during an examination cycle to address the most significant risks in the operational risk assessment are completed within the examination cycle. (Applies to AUD-2017-010)
|Recommendation Number|| |
|Recommendation Status|| |
|Significant Recommendation|| |
|Additional Information|| |
The first part of the recommendation also applies to OIG's report, "FHFA Did Not Complete All Planned Supervisory Activities Related to Cybersecurity Risks at Freddie Mac for the 2016 Examination Cycle" (AUD-2017-011, September 27, 2017).
|Additional Details Link|