What professional standards do we follow?
Adhering to professional standards ensures that the products we issue can be relied upon by internal and external stakeholders and the American public. We conduct performance audits in accordance with GAO’s Government Auditing Standards, evaluations in accordance with Council of the Inspectors General on Integrity and Efficiency’s (CIGIE) Quality Standards for Inspection and Evaluation, and other reviews in accordance with CIGIE’s Quality Standards for Federal Offices of Inspector General.
We determine which standards to follow after carefully considering several factors, including the criteria we plan to use; the degree of flexibility needed to produce timely, impactful results; stakeholder needs; and the level and depth of evidence needed to draw sound conclusions. Where possible, we leverage data analytic techniques to identify the highest risk areas at the FDIC.
What are the steps in an OIG Audit or Evaluation?
Our assignment process is scalable based on the assignment type. It includes formal touch points with both OIG executive leadership and FDIC stakeholders. Each engagement involves three distinct phases:
Planning: Generally begins when we issue a Planning Memorandum to inform FDIC stakeholders. Teams define the objective(s) and the scope and identify relevant criteria. This phase culminates in the development of the assignment program.
Fieldwork: We issue an Announcement Memorandum to indicate the start of the field work phase. We follow up with FDIC management by conducting a formal entrance conference to discuss the objective, our planned approach, including the criteria we plan to use, and expected timeframes.
Teams complete work to develop the finding elements relevant to the objective. Teams gather and analyze evidence to identify the condition (i.e., status of what is relative to the criteria); the effect (difference between the condition and criteria); the cause (why there is a difference between condition and criteria). Our goal is to develop meaningful action-oriented recommendations.
We strive to keep FDIC management informed of our progress and results. We do so to foster strong working relationships, promote transparency, and consider the program office’s perspective as we develop the findings consistent with professional standards.
Reporting: At the end of field work, we hold a message design meeting with OIG executive stakeholders. Once we reach internal agreement on the report message, the team drafts the report. As part of our quality assurance process, reports are subject to internal review. We generally issue a discussion draft to the FDIC in order to solicit technical comments on the facts presented and the proposed recommendations. Shortly thereafter, we hold an Exit Conference with FDIC officials to discuss their input. We evaluate the FDIC’s input and any additional information provided to update the draft report.
We then issue a formal draft report and request a written response from the FDIC that we include in the final report. When transmitting the formal draft report, we ask FDIC officials to identify any sensitive information that should be redacted and their basis for the redaction. OIG Counsel evaluates that information for the OIG. During this phase, we also complete the OIG’s internal quality assurance process known as referencing. Our final reports are published on the FDIC OIG’s website and generally include the FDIC’s complete written response and the status of OIG recommendations.
Report Distribution. Consistent with our responsibilities under the IG Act, we distribute Final reports to the FDIC Chairman, the FDIC Board, and other FDIC program officials responsible for implementing and tracking report recommendations. We post Final reports to the FDIC OIG external Website generally within 24 hours of providing the report to FDIC internal stakeholders. FDIC OIG reports are also posted to Oversight.gov. When reports contain sensitive information, we redact the report posted to the external website or issue a summary version of the report that contains no sensitive information.
Notice: Pursuant to Pub. L. 117-263, section 5274, non-governmental organizations and business entities identified in these reports have the opportunity to submit a written response for the purpose of clarifying or providing additional context to any specific reference. Comments must be submitted to comments@fdicoig.gov within 30 days of the report publication date as reflected on this website. Any comments will be appended to this report and posted on this website. We request that submissions be Section 508 compliant and free from any proprietary or otherwise sensitive information.