Federal Reports

The Federal Information Security Modernization Act of 2014 (FISMA) directs Inspectors General to conduct an annual evaluation of the agency information security program. FISMA, Department of Homeland Security (DHS), Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) establish information technology (IT) security guidance and standards for Federal agencies. We conducted this evaluation to assess the overall effectiveness of the Department of Housing and Urban Development’s information security (InfoSec) program, assess their compliance with Federal guidance, and respond to OMB reporting questions for the fiscal year 2023 annual assessment. HUD’s InfoSec program averaged a score of 2.60 for the 20 core metrics and a 2.86 for the FY 2023 supplemental metrics, both of which are at the “defined” maturity level and are considered not effective. Although HUD improved overall, four of the five metrics in which HUD dropped in maturity were core metrics. HUD made commendable progress on increasing maturity on 10 metrics and should continue to focus on prioritizing maturity in the 20 core metrics and key cyber executive orders and requirements. These efforts will require a shared responsibility of proper resourcing, planning, and support from all levels of leadership across the Department. We issued 23 recommendations to improve HUD’s InfoSec program.

Opportunities Exist to Strengthen the SEC’s Office of Equal Employment Opportunity Programs and Operations, Report No. 581

OIG audited EAC’s procurements from October 1, 2019, through May 1, 2023, which were executed with internal resources and exceeded the micro-purchase threshold. This included 65 procurements totaling $14.7 million. The objectives of the audit were to determine whether EAC: (1) Complied with selected requirements of the Federal Acquisition Regulation; and (2) Complied with selected provisions of the Digital Accountability and Transparency Act of 2014.

This letter responds to the Government Charge Card Abuse Prevention Act of 2012 (Charge Card Act) reporting requirement for the Federal Trade Commission (FTC) for fiscal year 2024.

This informational report provides general program information of the IIJA EWPP funding. The scope of our work included information about EWPP from June 2021 through November 2023.

The Office of Inspector General completed a final action verification of both recommendations in our December 19, 2018, report on Food Safety and Inspection Service’s Oversight of the New Poultry Inspection System (Audit Report 24601-0006-31).