FHFA’s Disaster Recovery Exercise for Its General Support System Needs Improvement

Date Issued

Wednesday, September 25, 2024

Submitting OIG

Federal Housing Finance Agency OIG

Other Participating OIGs

Federal Housing Finance Agency OIG

Agencies Reviewed/Investigated

Federal Housing Finance Agency

Report Number

AUD-2024-010

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Open Recommendations

This report has 3 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
AUD-2024-010-3	No	$0	$0
FHFA should ensure the After Action Report is consistent with the Recovery Exercise Test Results by documenting all actions taken during the failover and failback of the disaster recovery exercise including all correct dates for when testing was conducted.
AUD-2024-010-4	No	$0	$0
FHFA should perform annual testing of the contingency plan in accordance with the recovery procedures document to ensure failover and failback are conducted as planned.
AUD-2024-010-6	No	$0	$0
FHFA should encrypt all backup data-at-rest at FHFA’s alternate site and update the existing plans of action and milestones to include compensating controls until the plans of action and milestones has been closed.