Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of November 1, 2019)

Office of Program Audits and Evaluations (PAE)

  • The FDIC’s Allocation and Retention of Safety and Soundness Examination Staff

The objectives are to determine whether:  (1) FDIC’s process for allocating examination staff and subject-matter experts to safety and soundness examinations was consistent with agency strategic goals, internal control standards, and best practices, and (2) FDIC’s activities for retaining safety and soundness examination staff and subject-matter experts were consistent with agency strategic goals, internal control standards, and best practices.

  • The FDIC’s Personnel Suitability and Security Program

The objective is to determine whether the FDIC has an effective program to: (1) complete preliminary suitability screening in a timely manner prior to an individual gaining systems access, (2) order and adjudicate background investigations commensurate with position risk designation and reciprocity rules, and (3) order re-investigations within required timeframes.

  • Evaluation of the FDIC’s Enterprise Risk Management Program

The evaluation objective is to assess the effectiveness of the ERM program implementation efforts relative to relevant criteria and best practices.

  • Cost-Benefit Analysis Process for Rulemaking

Our objective is to determine if the FDIC’s cost benefit analysis process for rules was consistent with best practices.

  • Anti-Sexual Harassment Program

The evaluation objective is to examine the adequacy of the FDIC's policies, procedures, and practices relating to sexual harassment and assess whether allegations of that nature are reported, handled, and addressed in a prompt and effective manner.

  • Readiness for the Next Crisis

Our evaluation objective is to assess the FDIC’s readiness to address crises.

  • Offsite Review Program

Our evaluation objectives are to assess: (1) the Offsite Review Program (ORP) in identifying institutions with emerging supervisory concerns; (2) whether the ORP results in the Division of Risk Management Supervision appropriately adjusting its supervisory strategies for these institutions in a timely manner; and (3) whether the adjusted supervisory strategies are effective.

 


Office of Information Technology Audits and Cyber (ITC)

  • Receiving and Sharing Threat Information to Guide the FDIC's Supervisory Program

We plan to conduct two audits related to the sharing of threat information with FDIC examination staff and insured financial institutions.  The objective of the first audit is to determine whether the FDIC has established processes to receive relevant and actionable threat information and effectively monitor, analyze, disseminate, and use such threat information to guide its supervisory program.  This first audit is focusing on the sharing of threat information among FDIC personnel in the Headquarters, Regional, and Field Offices.   A second audit in the future will focus on how the FDIC ensures financial institutions receive and use relevant and actionable threat information.

  • Security Controls over the Regional Automated Document Distribution and Imaging System (RADD)

The audit objective is to assess the effectiveness of selected security controls for protecting the confidentiality, integrity, and availability of information in RADD.

  • The FDIC's Privacy Program

The objective is to assess the effectiveness of the FDIC's privacy program and practices.

 

 

Print Print
Close