Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of December 11, 2018)

Office of Program Audits and Evaluations (PAE)

  • Cost-Benefit Analysis Process for Rulemaking

The evaluation objective is to determine the effectiveness of the FDIC’s cost-benefit analysis process for ensuring that rules are efficient and appropriately tailored.

  • Anti-Sexual Harassment Program

The evaluation objective is to examine the adequacy of the FDIC's policies, procedures, and practices relating to sexual harassment and assess whether allegations of that nature are reported, handled, and addressed in a prompt and effective manner.

  • Readiness for the Next Crisis

Our evaluation objective is to assess the FDIC’s readiness to address crises.

  • Offsite Review Program

Our evaluation objectives are to assess: (1) the Offsite Review Program (ORP) in identifying institutions with emerging supervisory concerns; (2) whether the ORP results in the Division of Risk Management Supervision appropriately adjusting its supervisory strategies for these institutions in a timely manner; and (3) whether the adjusted supervisory strategies are effective.

  • Contract Oversight Management Program

The objective is to assess the FDIC's Contract Oversight Program.

  • The Minority Depository Institution (MDI) Program at the FDIC

The evaluation objective is to examine the FDIC's actions to preserve and promote MDIs and assess whether the program is achieving its goals. Our evaluation will focus on FDIC-supervised MDIs.

  • The FDIC's Loan Sampling Methodology 

The objective is to evaluate (1) the FDIC's loan sample selection methodology, including compliance with Division of Risk Management Supervision guidance and (2) whether the FDIC is generating loan samples that are representative of financial institutions' loan risk exposures.

  • Physical Security Risk Management Process

The objective is to determine the extent to which the FDIC's physical security risk management process meets federal standards and guidelines.


Office of Information Technology Audits and Cyber (ITC)

  • The FDIC's Privacy Program

The objective is to assess the effectiveness of the FDIC's privacy program and practices.

  • Controls for Preventing and Detecting Cyber Threats 

The objective is to assess the effectiveness of the FDIC's network firewalls and security information and event management (SIEM) tool in preventing and detecting cyber threats.

  • Security Configuration Changes and Software Updates to FDIC's Windows Servers

The objective is to determine whether the FDIC has established and implemented controls for managing changes to its Microsoft Windows Server operating system that are consistent with federal requirements and guidelines.  Specifically, we plan to assess FDIC's controls for managing changes to the approved baseline configurations for the Windows server operating system and addressing software updates from the Microsoft Corporation.

 

Print Print
Close