The CFPB Can Enhance Its Processes for Storing and Disposing of Its IT Asset Inventory

Date Issued

Tuesday, November 4, 2025

Submitting OIG

Federal Reserve Board & CFPB OIG

Agencies Reviewed/Investigated

Consumer Financial Protection Bureau

Report Number

2025-FMIC-C-013

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Report updated under NDAA 5274

External Link

Open Recommendations

This report has 2 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
1	No	$0	$0
Update relevant policies or procedures to include processes for transitioning assets through the inventory life cycle, including a. identifying IT assets that have completed their life cycle as ready for disposal or requiring a justification for retaining those assets. b. establishing a schedule for asset disposal, implementing measures to monitor the asset disposal schedule, and reporting on the agency’s progress for fulfilling disposal expectations once established.
2	No	$0	$0
Update relevant policies or procedures to establish systematic methods for storing and organizing IT assets, including a. formally designating rooms for certain assets and defining and implementing security measures for each storage room based on the room’s designated assets. b. organizing rooms to ensure that in stock assets containing hard drives are not mixed with those designated as pending disposal and creating a plan to systematically stage and prepare IT assets for disposal, including confirmation that the assets designated as pending disposal do not contain hard drives before disposing of them.