Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of February 6, 2020)

Office of Program Audits and Evaluations (PAE)

  • The FDIC’s Allocation and Retention of Safety and Soundness Examination Staff

The objectives are to determine whether:  (1) FDIC’s process for allocating examination staff and subject-matter experts to safety and soundness examinations was consistent with agency strategic goals, internal control standards, and best practices, and (2) FDIC’s activities for retaining safety and soundness examination staff and subject-matter experts were consistent with agency strategic goals, internal control standards, and best practices.

  • The FDIC’s Personnel Suitability and Security Program

The objective is to determine whether the FDIC has an effective program to: (1) complete preliminary suitability screening in a timely manner prior to an individual gaining systems access, (2) order and adjudicate background investigations commensurate with position risk designation and reciprocity rules, and (3) order re-investigations within required timeframes.

  • Evaluation of the FDIC’s Enterprise Risk Management Program

The evaluation objective is to assess the effectiveness of the ERM program implementation efforts relative to relevant criteria and best practices.

  • Anti-Sexual Harassment Program

The evaluation objective is to examine the adequacy of the FDIC's policies, procedures, and practices relating to sexual harassment and assess whether allegations of that nature are reported, handled, and addressed in a prompt and effective manner.

  • Readiness for the Next Crisis

Our evaluation objective is to assess the FDIC’s readiness to address crises.

  • Evaluation of the FDIC's Termination of Bank Secrecy Act/Anti-Money Laundering Consent Orders

Our objective is to determine whether the FDIC's monitoring process and activities were sufficient to ensure Consent Order provisions were met before termination of the orders.


Office of Information Technology Audits and Cyber (ITC)

  • Mobile Device Security and Management

The audit objective is to determine if the FDIC has established and implemented effective controls to manage and secure its mobile devices.

  • Mobile FDIC's Governance of its Mobile Device Management Solution

The audit objective is to assess the adequacy of the FDIC's governance over its mobile device management solution.

  • Receiving and Sharing Threat Information to Guide the FDIC's Supervisory Program

We plan to conduct two audits related to the sharing of threat information with FDIC examination staff and insured financial institutions.  The objective of the first audit is to determine whether the FDIC has established processes to receive relevant and actionable threat information and effectively monitor, analyze, disseminate, and use such threat information to guide its supervisory program.  This first audit is focusing on the sharing of threat information among FDIC personnel in the Headquarters, Regional, and Field Offices.   A second audit in the future will focus on how the FDIC ensures financial institutions receive and use relevant and actionable threat information.

  • Security Controls over the Regional Automated Document Distribution and Imaging System (RADD)

The audit objective is to assess the effectiveness of selected security controls for protecting the confidentiality, integrity, and availability of information in RADD.

  • Audit of Critical Building Services at FDIC-owned Buildings

The audit objective is to assess whether the FDIC has implemented effective controls to protect electrical power; heating, ventilation, and air conditioning (HVAC); and water services at its Virginia Square office buildings.

 

 

 

Print Print
Close