Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of December 2, 2021)

Audits, Evaluations, and Cyber

  • CIGFO Project on Forward-Looking Guidance for Crisis Readiness

The Council of Inspectors General on Financial Oversight (CIGFO) has convened a working group to compile forward-looking guidance for the Financial Stability Oversight Council (FSOC) and its members to consider in preparing for crises.  Each participating OIG, including the FDIC OIG, will identify key lessons that will be of most use to FSOC and its members in preparing for and managing future crises.  These key lessons will be identified from the experiences of Federal agencies and the OIGs during prior crises as well as those learned during the recent pandemic. The resulting forward-looking guidance will be transmitted to FSOC upon completion of the work.

  • The FDIC’s Administration and Oversight of the AT&T Telecommunications Contract

The objective of our review is to determine if the FDIC authorized and paid AT&T for services to upgrade bandwidth in FDIC field offices in accordance with its existing telecommunications contract and its policies and procedures. 

  • Receiving and Sharing Threat Information to Guide the FDIC's Supervisory Program

We plan to conduct two audits related to the sharing of threat information with FDIC examination staff and insured financial institutions.  The objective of the first audit is to determine whether the FDIC has established processes to receive relevant and actionable threat information and effectively monitor, analyze, disseminate, and use such threat information to guide its supervisory program.  This first audit is focusing on the sharing of threat information among FDIC personnel in the Headquarters, Regional, and Field Offices.   A second audit in the future will focus on how the FDIC ensures financial institutions receive and use relevant and actionable threat information.

  • Audit of Security Controls Over the FDIC’s Wireless Networks  

The audit objective is to determine whether the FDIC has implemented effective security controls to protect its wireless networks.

  • Audit of Security Controls Over the Windows Active Directory 

The audit objective is to assess the effectiveness of controls for securing and managing the Windows Active Directory to protect the FDIC’s network, systems, and data.

  • The FDIC’s Implementation of the Information Technology Risk Examination (InTREx) Program  

The audit objective is to determine the effectiveness of the InTREx program in assessing and addressing information technology and cyber risks at FDIC-supervised financial institutions.  

  • Legal Division’s Controls Over Payments to Outside Counsel 

Our objective is to determine whether the Legal Division's review and oversight of payments to outside counsel can be improved. 

  • Whistleblower Rights and Protections in FDIC Contracts

Our objective is to determine whether the FDIC operates in compliance with laws, regulations, and policies designed to ensure notice to contractors and subcontractors about their whistleblower rights and protections.

  • Supply Chain Risk Management

Our evaluation objective is to determine whether the FDIC developed and implemented its Supply Chain Risk Management Program in alignment with the Agency’s goals and best practices.

  • The FDIC's Examination of Government-Guaranteed Loans

The objective is to determine the effectiveness of the FDIC’s examinations in identifying and addressing undue risks and weak management practices for banks that participate in government-guaranteed loan programs. 

 

Print Print
Close