Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of April 28, 2021)

Office of Program Audits and Evaluations (PAE)

  • The FDIC’s Allocation and Retention of Safety and Soundness Examination Staff

The objectives are to determine whether:  (1) FDIC’s process for allocating examination staff and subject-matter experts to safety and soundness examinations was consistent with agency strategic goals, internal control standards, and best practices, and (2) FDIC’s activities for retaining safety and soundness examination staff and subject-matter experts were consistent with agency strategic goals, internal control standards, and best practices.

  • Evaluation of the FDIC's Termination of Bank Secrecy Act/Anti-Money Laundering Consent Orders

Our objective is to determine whether the FDIC's monitoring process and activities were sufficient to ensure Consent Order provisions were met before termination of the orders.

  • CIGFO Project on Forward-Looking Guidance for Crisis Readiness

The Council of Inspectors General on Financial Oversight (CIGFO) has convened a working group to compile forward-looking guidance for the Financial Stability Oversight Council (FSOC) and its members to consider in preparing for crises.  Each participating OIG, including the FDIC OIG, will identify key lessons that will be of most use to FSOC and its members in preparing for and managing future crises.  These key lessons will be identified from the experiences of Federal agencies and the OIGs during prior crises as well as those learned during the recent pandemic. The resulting forward-looking guidance will be transmitted to FSOC upon completion of the work.

  • Evaluation of Virtual Supervisory Information on the Net System (ViSION) Data Reliability

Our objective is to determine whether key supervisory information in ViSION is reliable.

  • The FDIC’s Administration and Oversight of the AT&T Telecommunications Contract

The objective of our review is to determine if the FDIC authorized and paid AT&T for services to upgrade bandwidth in FDIC field offices in accordance with its existing telecommunications contract and its policies and procedures. 

Office of Information Technology Audits and Cyber (ITC)

  • Mobile Device Security and Management

The audit objective is to determine if the FDIC has established and implemented effective controls to manage and secure its mobile devices.

  • Receiving and Sharing Threat Information to Guide the FDIC's Supervisory Program

We plan to conduct two audits related to the sharing of threat information with FDIC examination staff and insured financial institutions.  The objective of the first audit is to determine whether the FDIC has established processes to receive relevant and actionable threat information and effectively monitor, analyze, disseminate, and use such threat information to guide its supervisory program.  This first audit is focusing on the sharing of threat information among FDIC personnel in the Headquarters, Regional, and Field Offices.   A second audit in the future will focus on how the FDIC ensures financial institutions receive and use relevant and actionable threat information.

  • Audit of Security Controls Over the FDIC’s Wireless Networks  

The audit objective is to determine whether the FDIC has implemented effective security controls to protect its wireless networks.

  • Audit of Security Controls Over the Windows Active Directory 

The audit objective is to assess the effectiveness of controls for securing and managing the Windows Active Directory to protect the FDIC’s network, systems, and data.

  • The FDIC’s Information Security Program–2021  

The audit objective is to evaluate the effectiveness of the FDIC’s information security program and practices.

  • The FDIC’s Implementation of the Information Technology Risk Examination (InTREx) Program  

The audit objective is to determine the effectiveness of the InTREx program in assessing and addressing information technology and cyber risks at FDIC-supervised financial institutions.  

 

 

 

 

 

Print Print
Close