Federal Deposit Insurance Corporation
Office of Inspector General
Federal Deposit Insurance Corporation - Office of Inspector General

FDIC Office of Inspector General Ongoing Work

(Information as of May 3, 2018)

Office of Program Audits and Evaluations (PAE)

  • Contract Oversight Management Program

The objective is to assess the FDIC's Contract Oversight Program.

  • The Minority Depository Institution (MDI) Program at the FDIC

The evaluation objective is to examine the FDIC's actions to preserve and promote MDIs and assess whether the program is achieving its goals. Our evaluation will focus on FDIC-supervised MDIs.

  • The FDIC's Loan Sampling Methodology 

The objective is to evaluate (1) the FDIC's loan sample selection methodology, including compliance with Division of Risk Management Supervision guidance and (2) whether the FDIC is generating loan samples that are representative of financial institutions' loan risk exposures.

  • Implementing Forward-looking Supervision for High Growth-High Concentration Institutions

The objective is to determine whether the intended outcomes of the Forward-looking Supervision Program have been achieved—the Division of Risk Management Supervision has taken appropriate supervisory action as risks are identified, and the financial institutions have undertaken corrective measures.

  • Physical Security Risk Management Process

The objective is to determine the extent to which the FDIC's physical security risk management process meets federal standards and guidelines.

Office of Information Technology Audits and Cyber (ITC)

  • Payments to Pragmatics, Inc. Under FDIC Contract No. CORHQ-14-G-0549

The objective is to determine whether certain labor charges paid to Pragmatics, Inc. are adequately supported, allowable under the contract, and allocable to task orders.

  • Controls over System Interconnections with Outside Organizations

The audit objective is to assess the FDIC's controls for managing system interconnections with outside organizations. The audit will focus on the FDIC's controls for planning, establishing, maintaining, and terminating systems interconnections.

  • Controls for Preventing and Detecting Cyber Threats 

The objective is to assess the effectiveness of the FDIC's network firewalls and security information and event management (SIEM) tool in preventing and detecting cyber threats.

  • Governance of Information Technology Initiatives 

The objective is to identify key challenges and risks that the FDIC faces with respect to the governance of IT initiatives.  The audit is focusing on the FDIC’s IT governance structure, Enterprise Architecture, and strategic plans in relation to selected IT initiatives, including the planned migration of email operations to the cloud, the deployment of laptop computers to employees and contractor personnel, and the potential adoption of a managed services solution for mobile IT devices.

  • Security Configuration Changes and Software Updates to FDIC's Windows Servers

The objective is to determine whether the FDIC has established and implemented controls for managing changes to its Microsoft Windows Server operating system that are consistent with federal requirements and guidelines.  Specifically, we plan to assess FDIC's controls for managing changes to the approved baseline configurations for the Windows server operating system and addressing software updates from the Microsoft Corporation.


Print Print