SlideShare ist ein Scribd-Unternehmen logo

oig-work-plan

R
Rudy Alvarez
1 von 13
Downloaden Sie, um offline zu lesen
February 27, 2015 Current as of ongoing and planned audit and evaluation projects Work Plan
Work Plan | Current as of February 27, 2015 Overview The Work Plan presents the audits and evaluations that the Office of Inspector General (OIG) is conducting to assist the Board of Governors of the Federal Reserve System (Board) and the Consumer Financial Protection Bureau (CFPB) in fulfilling their respective missions. Our statutory mandates are our highest priority, and with our remaining resources, we focus on those programs and operations that pose the highest risk to achieving the Board’s and the CFPB’s strategic goals, objectives, and priorities; meeting budgetary and financial commitments; and complying with applicable laws, regulations, and guidance. The Work Plan is updated twice a month. Projects are categorized as ongoing or planned. Entries for ongoing projects include the calendar quarter in which the project is expected to be completed. For a list of completed projects, please view the Audit Reports page on our website. The OIG may be required to perform unanticipated work based on congressional requests, OIG Hotline complaints, new statutory mandates, or other input. Such work, as well as resource constraints, may result in the deferral, cancellation, or modification of projects. Our effectiveness depends on our flexibility to address other priorities as they arise. For congressional, media, or other inquiries, please e-mail oig.media@frb.gov or call John Manibusan at 202-973-5043.
Work Plan | Current as of February 27, 2015 Contents Board: Ongoing Projects 1 Board: Planned Projects 5 CFPB: Ongoing Projects 7 CFPB: Planned Projects 10
Work Plan | Current as of February 27, 2015 1 of 10 Board: Ongoing Projects with calendar quarter of expected completion Audit of the Board's Diversity and Inclusion Processes First quarter 2015 In response to a congressional request, we initiated an audit of the Board’s diversity and inclusion processes. The objective of this audit is to assess the Board’s personnel operations and other efforts to provide for equal employment opportunities, including equal opportunity for minorities and women to obtain senior management positions, and for racial, ethnic, and gender diversity in the workforce. Our work will include looking at the role of the Board’s Office of Minority and Women Inclusion in these areas. Audit of the Board's STAR Modernization Project First quarter 2015 STAR is the central computer application used by the statistics function at the Federal Reserve Banks and the Board to collect and edit over 75 periodic statistical reports from financial institutions.These data reports are subsequently delivered to end users at the Board, the Federal Reserve Bank of New York’s Trading Desk, and the Federal Reserve Banks’ Economic Research and Banking Supervision Divisions for use in performing their duties regarding monetary policy and supervision and regulation of financial institutions. STAR is also used by the Federal Reserve System’s Reserve Administration function to calculate reserve requirements, monitor reserve balances, and perform other activities. In addition, STAR produces reserve account information that can be used by depository institutions to manage their accounts effectively.The current technology is being updated to better support business needs and to include a server-based environment and support by the Federal Reserve System’s National IT.The Board began decommissioning the legacy STAR system in 2014. Our audit focus includes the adequacy and internal controls of the development process for the new system, including the cost and schedule. In addition, we are determining how security controls are being built into the system. Board Financial Statements as of and for the Years Ended December 31, 2014 and 2013, and Independent Auditors' Reports First quarter 2015 The OIG contracted with an independent public accounting firm to audit the 2014 financial statements of the Board.The OIG will oversee the activities of the independent public accounting firm to ensure compliance with generally accepted government auditing standards and Public Company Accounting Oversight Board auditing standards related to internal controls over financial reporting. Evaluation of the Board's Corporate Services First quarter 2015 The Board continues to provide corporate services, such as Mail Services, Motor Transport services, and Print Shop services, across all divisions. Our objective is to assess the extent to which Board staff use these services and to identify potential economies and efficiencies. Evaluation of the Operational Components of the Board's Law Enforcement Unit (LEU) First quarter 2015 Following the enactment of the USA Patriot Act of 2001, which granted the Board certain law enforcement authorities, the Board increased its security staff to include federal law enforcement officers.The LEU safeguards most Board-designated property and personnel 24 hours a day, 7 days a week.This evaluation is assessing the economy and efficiency of the LEU, including the various operational components within the organization.This review considers the
Work Plan | Current as of February 27, 2015 2 of 10 LEU’s staffing models, cost reduction efforts in process, and potential enhancements to LEU operations that may use security technology more effectively. Federal Financial Institutions Examination Council (FFIEC) Financial Statements as of and for the Years Ended December 31, 2014 and 2013, and Independent Auditors' Reports First quarter 2015 The OIG contracted with an independent public accounting firm to audit the 2014 financial statements of the FFIEC. (The Board performs the accounting function for the FFIEC.) The OIG will oversee the activities of the independent public accounting firm to ensure compliance with generally accepted government auditing standards. In-Depth Review of the Failure of Waccamaw Bank First quarter 2015 We determined that the failure of Waccamaw Bank, located in Whiteville, North Carolina, presented unusual circumstances warranting an in-depth review. When a loss to the Deposit Insurance Fund presents unusual circumstances, section 38(k) of the Federal Deposit Insurance Act, as amended by the Dodd-Frank Act, requires that the Inspector General conduct a material loss review. As required by the provisions of section 38(k), we are • reviewing the agency’s supervision of the failed institution, including the agency’s implementation of prompt corrective action • ascertaining why the institution’s problems resulted in a material loss to the Deposit Insurance Fund • making recommendations for preventing any such loss in the future Security Control Review of the Board’s C-SCAPE System First quarter 2015 The Federal Information Security Management Act of 2002 requires that each agency Inspector General evaluate a representative subset of the agency’s information systems. As part of meeting this requirement, we are conducting a security control review of the Board’s Consolidated Supervision Comparative Analysis, Planning and Execution (C-SCAPE) system. C-SCAPE is a data input and reporting tool used to support the supervisory program. C-SCAPE is intended to support the Large Institution Supervision Coordinating Committee’s reengineered supervisory processes for large banking organizations, foreign banking organizations, and financial market utilities. Our specific audit objective is to evaluate the adequacy of certain control techniques designed to protect data in the system from unauthorized access, modification, destruction, or disclosure. Evaluation of the Division of Banking Supervision and Regulation's (BS&R) Model Risk-Management Practices for Models Used in Support of the Annual Comprehensive Capital Analysis and Review (CCAR) Second quarter 2015 CCAR is the largest initiative of the Operating Committee of the Large Institution Supervision Coordinating Committee. CCAR is a supervisory assessment of the capital planning processes and capital adequacy of the largest, most complex bank holding companies. We are reviewing BS&R’s model risk-management practices, including model validation activities, for the supervisory models used in support of the CCAR stress testing. Audit of the Board's Data Governance Third quarter 2015 Strategic theme 2 of the Board’s Strategic Framework 2012–15 calls for redesigning data governance and management processes to enhance the Board’s data environment in the wake of the Board’s expanded
Work Plan | Current as of February 27, 2015 3 of 10 mandates under the Dodd-Frank Act.Theme 2 objectives consist of improving data governance by establishing a new Office of the Chief Data Officer and ensuring clear roles and responsibilities among data users and the Board Data Council; ensuring that all enterprise data are appropriately handled, processed, stored, and disseminated; and strengthening the Board’s data environment by establishing an infrastructure to share data and improve data integration. Our audit is focused on obtaining information on the current plans and activities to achieve the theme 2 strategic objectives and the progress made, including efforts to share data among divisions and achieve potential efficiencies in the procurement of data. Audit of the Financial Stability Oversight Council's (FSOC) Oversight of Interest Rate Risk Third quarter 2015 In 2014, the Council of Inspectors General on Financial Oversight (CIGFO) convened a working group to audit FSOC’s oversight of interest rate risk. As the independent oversight entity of the Board and the CFPB, the OIG is a member of CIGFO and the working group.The audit objective is to assess the extent to which FSOC is overseeing interest rate risk to the financial system.The CIGFO working group plans to issue a report to FSOC in April 2015. Audit of the Board's Public Release of Economic Information Fourth quarter 2015 The Board produces several economic publications and statistical releases on a periodic schedule. Many of these releases have the potential to influence market trading; therefore, the Board needs to have sufficient controls over the release of this sensitive information to the public. We are auditing the Board’s processes to ensure that these data are properly safeguarded on the day of issuance. Evaluation of the Examination Approach Used to Assess Office of Foreign Assets Control (OFAC) Compliance Fourth quarter 2015 In the past few years, there have been high-profile instances of foreign banking organizations (FBOs) operating in the United States that were facilitating payments to prohibited entities on OFAC’s list of specially designated nationals.The Federal Financial Institutions Examination Council’s Bank Secrecy Act/ Anti-Money Laundering Examination Manual contains specific examination procedures for assessing OFAC compliance programs.This evaluation seeks to assess the effectiveness of the Board’s and the Federal Reserve Banks’ approach to examining the OFAC compliance programs for FBOs operating in the United States. This evaluation will assess the extent to which the current examination approach to OFAC compliance should be updated based on (1) lessons learned from these incidents or (2) evolving expectations for OFAC compliance programs based on recent updates to the sanctions list. Evaluation of the Federal Reserve System’s Practices for Addressing Divergent Views and Making Supervisory Decisions for Large Banking Holding Companies First quarter 2016 In response to a request from the Board dated November 17, 2014, the OIG is conducting an evaluation of the Federal Reserve System’s practices for addressing divergent views and making supervisory decisions regarding large bank holding companies. The Board requested that we initiate a review related to the manner in which the Federal Reserve System conducts examinations of bank holding companies with total assets in excess of $50 billion, known as Large Institution Supervision Coordinating Committee (LISCC) firms and large banking organizations (LBOs). As part of our project, we also plan to evaluate the effectiveness of continuous monitoring as a supervisory tool for LISCC firms and LBOs. Our objectives are to (1) assess the methods for Federal Reserve System decisionmakers to obtain material
Work Plan | Current as of February 27, 2015 4 of 10 information necessary to ensure that decisions and conclusions resulting from supervisory activities at LISCC firms and LBOs are appropriate, supported by the record, and consistent with applicable policies; (2) determine whether there are adequate channels for Federal Reserve System decisionmakers to be aware of supervision staff’s divergent views about material issues regarding LISCC firms and LBOs; and (3) assess the effectiveness of continuous monitoring as a supervisory tool for LISCC firms and LBOs. Our work will include reviewing applicable Board and Federal Reserve Bank policies and procedures, meeting with staff from the Board and the Federal Reserve Banks, and reviewing documentation associated with supervisory activities. We plan to visit a sample of Federal Reserve Banks that have responsibility for supervising LISCC firms and LBOs. This project is an evaluation conducted pursuant to the Council of the Inspectors General on Integrity and Efficiency’s Quality Standards for Inspection and Evaluation and is not a criminal, civil, or administrative investigation. Unlike investigations conducted by law enforcement officials that may assess the actions of individual employees, auditors conduct evaluations that assess the effectiveness and efficiency of agency programs and operations. Our evaluations typically result in reports issued to Board officials that often include recommendations designed to improve the efficiency and effectiveness of the agency’s operations, programs, and policies.
Work Plan | Current as of February 27, 2015 5 of 10 Board: Planned Projects Audit of the Board's Contract Administration According to a recent U.S. Government Accountability Office report, agencies across the federal government increasingly rely on contractors to execute their missions.The government needs strong controls to provide reasonable assurance that these contract funds are not being lost to improper payments, waste, or mismanagement. Effective contract oversight, which includes effective internal controls throughout the contracting process, is essential to protecting government and taxpayer interests. Our focus will be to identify and assess the effectiveness of internal controls related to contract administration. Audit of the Board's C-SCAPE Project Building on lessons learned from the recent financial crisis, the Federal Reserve System has taken a number of important steps to improve its supervisory program for large financial institutions.The Consolidated Supervision Comparative Analysis, Planning and Execution (C-SCAPE) application is a data input and reporting tool used to support the supervisory program. C-SCAPE is intended to support the Large Institution Supervision Coordinating Committee’s reengineered supervisory processes for large banking organizations, foreign banking organizations, and financial market utilities. C-SCAPE is being updated to match the new framework for the consolidated supervision of large financial institutions. Our focus will be to identify and assess the effectiveness of internal controls related to project management, including the oversight provided by the Investment Review Board. Audit of the Board's Process for Supervisory Assessments of Large Bank Holding Companies and Savings and Loan Holding Companies The Dodd-Frank Act directed the Board to collect assessments, fees, and other charges for bank holding companies, savings and loan holding companies, and nonbank financial companies supervised by the Board. The collection process is new to the Board; the Federal Reserve System has not previously assessed supervised entities to cover expenses related to supervision. In addition, this process requires a coordinated effort among various divisions at the Board and with the Federal Reserve Banks.The Board issued a final rule in August 2013 that further describes the collection process for the supervised entities. We plan to evaluate the Board’s internal controls related to the collection of these assessment fees as well as their disbursement. Audit of the Board's Strategic Plan Implementation and Governance Effective strategic planning helps organizations identify priorities and mitigate risks to achieving their missions. The Board’s Strategic Framework 2012–15 contains six themes, including the importance of strengthening governance over its management processes to enable the effective implementation of the strategic framework’s goals. We plan to assess the Board’s implementation of its strategic plan, including how it measures strategic outcomes, identifies potential risks or challenges, establishes accountability, and monitors progress in implementing the framework. Board Security Control Reviews The Federal Information Security Management Act of 2002 requires that each agency Inspector General evaluate a representative subset of the agency’s information systems, including third-party systems.To meet this requirement, we will conduct security control reviews of a sample of the Board’s major applications and general support system components throughout the year. We will use automated audit scanning tools to assist with conducting the security control reviews. For 2014, we plan to focus our scanning on web application, mainframe, VMware, Apache, and IIS technologies.
Work Plan | Current as of February 27, 2015 6 of 10 Evaluation of Systemically Important Financial Institutions Supervision Teams: Preserving and Transferring Institutional Knowledge Within and Between Supervisory Teams Preserving and transferring institutional knowledge contributes to effective supervision, particularly in light of examiner rotation requirements, examiner turnover, and the Board’s and the Reserve Banks’ evolving supervisory responsibilities.This evaluation will assess Board guidance and the controls implemented by the Federal Reserve Banks of New York, San Francisco, Richmond, and Boston (the Reserve Banks responsible for supervising the systemically important financial institution portfolio) to evaluate the best practices for preserving and transferring institutional knowledge (1) within a supervisory team and (2) from an existing supervisory team to a new team. Failed Bank Reviews Section 38(k) of the Federal Deposit Insurance Act, as amended by the Dodd-Frank Act, requires that the Inspector General of the appropriate federal banking agency review the agency’s supervision of a failed institution when the associated losses to the Deposit Insurance Fund are above the materiality threshold or are at or below the threshold but exhibit unusual circumstances warranting an in-depth review. In such cases, the Inspector General must prepare a report in a manner consistent with the requirements of a material loss review. For losses to the Deposit Insurance Fund that occurred from January 1, 2012, through December 31, 2013, a $150 million threshold applies; for all such losses occurring on or after January 1, 2014, the materiality threshold is $50 million.
Work Plan | Current as of February 27, 2015 7 of 10 CFPB: Ongoing Projects with calendar quarter of expected completion Audit of the CFPB's Contract Management Process First quarter 2015 The CFPB’s procurement process follows the requirements established by the Federal Acquisition Regulation, which is the primary regulation governing the acquisition of supplies and services by all federal executive agencies.This audit is a follow-on to the evaluation of the CFPB’s contract solicitation and selection process. Our focus will be on the CFPB’s contract management processes, compliance with applicable rules established by the Federal Acquisition Regulation, and the effectiveness of the CFPB’s internal controls related to contract management. Audit of the CFPB's Diversity and Inclusion Processes First quarter 2015 In response to a congressional request, we initiated an audit of the CFPB’s diversity and inclusion processes. The objective of this audit is to assess the CFPB’s personnel operations and other efforts to provide for equal employment opportunities, including equal opportunity for minorities and women to obtain senior management positions, and for racial, ethnic, and gender diversity in the workforce. Our work will include looking at the role of the CFPB’s Office of Minority and Women Inclusion in these areas. Audit of the CFPB's Headquarters Renovation Costs First quarter 2015 In June 2014, we completed a review and issued a letter report in response to a request from the Chairman of the Subcommittee on Oversight and Investigations, House Committee on Financial Services, regarding the CFPB’s headquarters renovation budget. As a follow- on to this work, we are evaluating the reasonableness of the overall estimated and proposed costs for the CFPB’s headquarters renovation. We will also assess the effectiveness of the CFPB’s processes and controls for approving, managing, and documenting headquarters renovation costs and project decisions. Audit of the CFPB's Public Consumer Complaint Database First quarter 2015 In June 2012, the CFPB became the first federal regulator to publicly share individual-level consumer financial complaint data. While the Consumer Complaint Database initially contained only credit card complaints, the CFPB has extended the database to other consumer financial products and services covered by the CFPB. Our audit objective is to assess the effectiveness of the CFPB’s controls over the accuracy and completeness of the public complaint database. Audit of the CFPB's Space-Planning Activities First quarter 2015 The CFPB is in the process of renovating its headquarters building. As the CFPB continues to add personnel and simultaneously manage office space allocation, the funds to be expended for the renovation as well as for the additional space required for displaced and new employees will likely be significant. We will determine whether the CFPB has established adequate controls to properly manage its space needs and whether the CFPB is complying with applicable requirements. Audit of the CFPB's Tableau System First quarter 2015 The Federal Information Security Management Act of 2002 (FISMA) requires that each agency Inspector General evaluate a representative subset of the agency’s information systems, including third-party systems. As part of meeting this requirement, we are conducting a
Work Plan | Current as of February 27, 2015 8 of 10 security control review of the CFPB’s Tableau system. Tableau is an application used to develop, publish, and view business intelligence data. Our focus is to review the adequacy of certain security controls designed to protect data in the system from unauthorized access, modification, destruction, or disclosure. Evaluation of the CFPB's Hiring Process First quarter 2015 In accordance with section 1013(a)(1)(B) of the Dodd- Frank Act, the Director of the CFPB “is authorized to employ attorneys, compliance examiners, compliance supervision analysts, economists, statisticians, and other employees as may be deemed necessary to conduct the business of the Bureau.”We initiated this evaluation in response to the CFPB’s volume of hiring and its establishment of field offices.The objective of our evaluation is to assess the efficiency and effectiveness of certain CFPB recruitment and selection subprocesses, including (1) assessment and vacancy announcement creation, (2) hiring authority and vacancy announcement posting, and (3) evaluation and selection of candidates. We are also evaluating the agency’s compliance with applicable laws, regulations, and policies.This evaluation includes a review of competitive service, excepted service, and special program hiring practices. In addition, we are reviewing the CFPB’s administration of recruitment and selection incentives to recruit new employees. Joint Evaluation of Coordination Between the CFPB and Other Regulatory Agencies First quarter 2015 The Board-CFPB OIG, the Federal Deposit Insurance Corporation OIG, the National Credit Union Administration OIG, and the U.S. Department of the Treasury OIG are conducting an evaluation of the coordination between the CFPB and other regulatory agencies with respect to conducting supervisory activities.The Dodd-Frank Act requires the CFPB to coordinate its supervisory activities with the federal prudential regulatory agencies and state financial regulatory authorities. In June 2012, the CFPB and the prudential regulatory agencies issued a memorandum of understanding to clarify how the agencies will coordinate their supervisory activities.The objective of the evaluation is to confirm that the required coordination is occurring and has been effective in avoiding conflicts or duplication of efforts. Security Control Review of the CFPB's DT Complaints Database First quarter 2015 The Federal Information Security Management Act of 2002 requires that each agency Inspector General evaluate a representative subset of the agency’s information systems. As part of meeting this requirement, we are conducting a security control review of the CFPB’s DT Complaints Database.The DT Complaints Database supports the CFPB’s Public Consumer Complaint Database. Our specific audit objective is to evaluate the adequacy of certain control techniques designed to protect data in the system from unauthorized access, modification, destruction, or disclosure. Audit of the CFPB's Distribution of Funds From the Civil Penalty Fund Second quarter 2015 The Dodd-Frank Act established the Civil Penalty Fund.The CFPB must deposit any civil penalty it obtains in any judicial or administrative action under federal consumer financial law into the fund.The CFPB is to use the funds collected to compensate consumers who were harmed by activities for which civil penalties have been imposed.To the extent that victims cannot be located or payment is not practicable, the CFPB may use the funds for consumer education and financial literacy programs. Our audit is focused on internal controls related to the administration of the Civil Penalty Fund. Specifically, our audit will assess the efficiency and effectiveness of the process for identifying victims.
Work Plan | Current as of February 27, 2015 9 of 10 Evaluation of the Effectiveness of the CFPB's Examination Workpaper Documentation Second quarter 2015 The CFPB’s Supervision and Examination Manual (version 2.0) summarizes the agency’s expectations for workpaper documentation to support the results of its examination activity.The manual describes the following three principal purposes for workpaper documentation: (1) providing a record of the work performed that supports examination results, (2) maintaining the evidence necessary to support supervisory agreements or formal enforcement actions, and (3) facilitating internal quality control reviews. This evaluation will assess the CFPB’s policies and procedures for documenting examination results, the training programs and materials used to implement workpaper documentation expectations, and the extent to which each of the CFPB’s regions meets those expectations.
Work Plan | Current as of February 27, 2015 10 of 10 CFPB: Planned Projects Audit of the CFPB's Pay and Compensation Program The CFPB is required by the Dodd-Frank Act to provide employees with compensation and benefits that, at a minimum, are comparable to those of the Board, regardless of any otherwise applicable provisions of title 5 of the United States Code. We plan to audit the CFPB’s pay and compensation program for compliance with applicable statutory requirements.This audit will include assessing the controls around setting employees’ pay. Evaluation of the CFPB Enforcement Office's Processes for Protecting Confidential Information The Enforcement office within the Division of Supervision, Enforcement, and Fair Lending routinely possesses confidential information as a result of the agency exercising its enforcement powers under title X, subtitle E, of the Dodd-Frank Act. For example, the CFPB can issue civil investigative demands to compel document production when the CFPB has reason to believe that a violation of federal consumer financial law has occurred.This evaluation will assess the Enforcement office’s regulations, policies, and procedures for safeguarding confidential information and the effectiveness of its controls designed to maintain the confidentiality of such information. Evaluation of the CFPB's Compliance With the Requirements for Issuing Civil Investigative Demands (CIDs) Section 1052(c) of the Dodd-Frank Act authorizes the CFPB to issue CIDs when the agency has reason to believe that a person has documentary materials, tangible things, or any other information relevant to a possible violation of federal consumer financial law. These CIDs may be issued to produce documents, produce tangible things, or compel testimony. Section 1052(c) contains a series of compliance requirements related to the use of CID authority, ranging from mandatory content requirements to procedures for issuing CIDs.This evaluation will assess the CFPB’s (1) policies and procedures for issuing CIDs, (2) training programs and materials related to the issuance of CIDs, and (3) compliance with section 1052(c)’s requirements, applicable regulations, and the agency’s policies and procedures for issuing CIDs.

Empfohlen

Asset Manager’s Guide to SOC 1
Asset Manager’s Guide to SOC 1Asset Manager’s Guide to SOC 1
Asset Manager’s Guide to SOC 1Grant Thornton LLP
 
Q1 2020 Earnings Presentation
Q1 2020 Earnings PresentationQ1 2020 Earnings Presentation
Q1 2020 Earnings PresentationQTSDataCenters
 
Q4 15 results presentation final
Q4 15 results presentation finalQ4 15 results presentation final
Q4 15 results presentation finalInvestorMarkit
 
ACC 626 IFRS Implications on IT
ACC 626 IFRS Implications on ITACC 626 IFRS Implications on IT
ACC 626 IFRS Implications on ITMadeline Chiu
 
Dodd-Frank Executive Compensation Update – Rounding the Final Turn?
Dodd-Frank Executive Compensation Update – Rounding the Final Turn? Dodd-Frank Executive Compensation Update – Rounding the Final Turn?
Dodd-Frank Executive Compensation Update – Rounding the Final Turn? Winston & Strawn LLP
 
4Q19 Earnings Presentation
4Q19 Earnings Presentation4Q19 Earnings Presentation
4Q19 Earnings PresentationJustinHorstman1
 
2018-2019 Strategic Plan and Performance Report - Final
2018-2019 Strategic Plan and Performance Report - Final2018-2019 Strategic Plan and Performance Report - Final
2018-2019 Strategic Plan and Performance Report - FinalE.S.G. JR. Consulting, Inc.
 
Quintiles’ Second Quarter 2015 Earnings Call
Quintiles’ Second Quarter 2015 Earnings CallQuintiles’ Second Quarter 2015 Earnings Call
Quintiles’ Second Quarter 2015 Earnings CallQuintiles2014
 

Empfohlen

Asset Manager’s Guide to SOC 1
Asset Manager’s Guide to SOC 1Asset Manager’s Guide to SOC 1
Asset Manager’s Guide to SOC 1Grant Thornton LLP
 
Q1 2020 Earnings Presentation
Q1 2020 Earnings PresentationQ1 2020 Earnings Presentation
Q1 2020 Earnings PresentationQTSDataCenters
 
Q4 15 results presentation final
Q4 15 results presentation finalQ4 15 results presentation final
Q4 15 results presentation finalInvestorMarkit
 
ACC 626 IFRS Implications on IT
ACC 626 IFRS Implications on ITACC 626 IFRS Implications on IT
ACC 626 IFRS Implications on ITMadeline Chiu
 
Dodd-Frank Executive Compensation Update – Rounding the Final Turn?
Dodd-Frank Executive Compensation Update – Rounding the Final Turn? Dodd-Frank Executive Compensation Update – Rounding the Final Turn?
Dodd-Frank Executive Compensation Update – Rounding the Final Turn? Winston & Strawn LLP
 
4Q19 Earnings Presentation
4Q19 Earnings Presentation4Q19 Earnings Presentation
4Q19 Earnings PresentationJustinHorstman1
 
2018-2019 Strategic Plan and Performance Report - Final
2018-2019 Strategic Plan and Performance Report - Final2018-2019 Strategic Plan and Performance Report - Final
2018-2019 Strategic Plan and Performance Report - FinalE.S.G. JR. Consulting, Inc.
 
Quintiles’ Second Quarter 2015 Earnings Call
Quintiles’ Second Quarter 2015 Earnings CallQuintiles’ Second Quarter 2015 Earnings Call
Quintiles’ Second Quarter 2015 Earnings CallQuintiles2014
 
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial ResultsRexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial ResultsRexnord
 
3Q19 Earnings Presentation (FINAL)
3Q19 Earnings Presentation (FINAL)3Q19 Earnings Presentation (FINAL)
3Q19 Earnings Presentation (FINAL)JustinHorstman1
 
201310 Risk Aggregation and Reporting. More than Just a Data Issue
201310 Risk Aggregation and Reporting. More than Just a Data Issue201310 Risk Aggregation and Reporting. More than Just a Data Issue
201310 Risk Aggregation and Reporting. More than Just a Data IssueFrancisco Calzado
 
Overview of regulations on audit and accounts 2020
Overview of regulations on audit and accounts 2020Overview of regulations on audit and accounts 2020
Overview of regulations on audit and accounts 2020soniabedi4
 
Financial management modernization at the usda positively impacts mission
Financial management modernization at the usda positively impacts missionFinancial management modernization at the usda positively impacts mission
Financial management modernization at the usda positively impacts missioncathylums
 
Lesson 20 Basic Elements of Control
Lesson 20 Basic Elements of ControlLesson 20 Basic Elements of Control
Lesson 20 Basic Elements of ControlDR. RHEA SANTILLAN
 
Marketing Accounting Firms: presentation for the HKICPA
Marketing Accounting Firms: presentation for the HKICPAMarketing Accounting Firms: presentation for the HKICPA
Marketing Accounting Firms: presentation for the HKICPARobert_Sawhney
 
PFS Web Corporate Presentation January 2016
PFS Web Corporate Presentation January 2016PFS Web Corporate Presentation January 2016
PFS Web Corporate Presentation January 2016Company Spotlight
 
Teck’s Q2 2019 Financial Results and Investors’ Conference Call
Teck’s Q2 2019 Financial Results and Investors’ Conference CallTeck’s Q2 2019 Financial Results and Investors’ Conference Call
Teck’s Q2 2019 Financial Results and Investors’ Conference CallTeckResourcesLtd
 
TCF 1Q20 Earnings Presentation
TCF 1Q20 Earnings PresentationTCF 1Q20 Earnings Presentation
TCF 1Q20 Earnings PresentationJustinHorstman1
 
Are Your Internal Controls in Order?
Are Your Internal Controls in Order? Are Your Internal Controls in Order?
Are Your Internal Controls in Order? Rachel Werner, MPA, GPC, PMP
 
Banks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingBanks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingMarkit
 
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
ISA 402 Audit Considerations Relating to an Entity Using a Service OrganisationISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
ISA 402 Audit Considerations Relating to an Entity Using a Service OrganisationSazzad Hossain, ITP, MBA, CSCA™
 
PCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
PCI Media Impact Inc - 2015 FS and OMB Uniform GuidancePCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
PCI Media Impact Inc - 2015 FS and OMB Uniform GuidancePCIMediaImpact
 
Financial audit
Financial auditFinancial audit
Financial auditEMAC Consulting Group
 
TCF 2Q20 Earnings Presentation
TCF 2Q20 Earnings PresentationTCF 2Q20 Earnings Presentation
TCF 2Q20 Earnings PresentationJustinHorstman1
 
Q3 earnings slides final tel
Q3 earnings slides final telQ3 earnings slides final tel
Q3 earnings slides final telTEConnectivityltd
 
TE Connectivity Q3 2016 Earnings Presentation
TE Connectivity Q3 2016 Earnings PresentationTE Connectivity Q3 2016 Earnings Presentation
TE Connectivity Q3 2016 Earnings PresentationTEConnectivityltd
 
Investor deck for website 5-16-14 v4
Investor deck for website 5-16-14 v4Investor deck for website 5-16-14 v4
Investor deck for website 5-16-14 v4InvestorSymantec
 
VikramN2015
VikramN2015VikramN2015
VikramN2015Vikram Nawale
 
BKD Operational Assessment
BKD Operational AssessmentBKD Operational Assessment
BKD Operational AssessmentIndiana Bureau of Motor Vehicles
 
Auditing and Assurance Update on Non-Financial Information
Auditing and Assurance Update on Non-Financial InformationAuditing and Assurance Update on Non-Financial Information
Auditing and Assurance Update on Non-Financial InformationWorkiva
 

Weitere ähnliche Inhalte

Was ist angesagt?

Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial ResultsRexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial ResultsRexnord
 
3Q19 Earnings Presentation (FINAL)
3Q19 Earnings Presentation (FINAL)3Q19 Earnings Presentation (FINAL)
3Q19 Earnings Presentation (FINAL)JustinHorstman1
 
201310 Risk Aggregation and Reporting. More than Just a Data Issue
201310 Risk Aggregation and Reporting. More than Just a Data Issue201310 Risk Aggregation and Reporting. More than Just a Data Issue
201310 Risk Aggregation and Reporting. More than Just a Data IssueFrancisco Calzado
 
Overview of regulations on audit and accounts 2020
Overview of regulations on audit and accounts 2020Overview of regulations on audit and accounts 2020
Overview of regulations on audit and accounts 2020soniabedi4
 
Financial management modernization at the usda positively impacts mission
Financial management modernization at the usda positively impacts missionFinancial management modernization at the usda positively impacts mission
Financial management modernization at the usda positively impacts missioncathylums
 
Lesson 20 Basic Elements of Control
Lesson 20 Basic Elements of ControlLesson 20 Basic Elements of Control
Lesson 20 Basic Elements of ControlDR. RHEA SANTILLAN
 
Marketing Accounting Firms: presentation for the HKICPA
Marketing Accounting Firms: presentation for the HKICPAMarketing Accounting Firms: presentation for the HKICPA
Marketing Accounting Firms: presentation for the HKICPARobert_Sawhney
 
PFS Web Corporate Presentation January 2016
PFS Web Corporate Presentation January 2016PFS Web Corporate Presentation January 2016
PFS Web Corporate Presentation January 2016Company Spotlight
 
Teck’s Q2 2019 Financial Results and Investors’ Conference Call
Teck’s Q2 2019 Financial Results and Investors’ Conference CallTeck’s Q2 2019 Financial Results and Investors’ Conference Call
Teck’s Q2 2019 Financial Results and Investors’ Conference CallTeckResourcesLtd
 
TCF 1Q20 Earnings Presentation
TCF 1Q20 Earnings PresentationTCF 1Q20 Earnings Presentation
TCF 1Q20 Earnings PresentationJustinHorstman1
 
Banks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingBanks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingMarkit
 
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
ISA 402 Audit Considerations Relating to an Entity Using a Service OrganisationISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
ISA 402 Audit Considerations Relating to an Entity Using a Service OrganisationSazzad Hossain, ITP, MBA, CSCA™
 
PCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
PCI Media Impact Inc - 2015 FS and OMB Uniform GuidancePCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
PCI Media Impact Inc - 2015 FS and OMB Uniform GuidancePCIMediaImpact
 
TCF 2Q20 Earnings Presentation
TCF 2Q20 Earnings PresentationTCF 2Q20 Earnings Presentation
TCF 2Q20 Earnings PresentationJustinHorstman1
 
Q3 earnings slides final tel
Q3 earnings slides final telQ3 earnings slides final tel
Q3 earnings slides final telTEConnectivityltd
 
TE Connectivity Q3 2016 Earnings Presentation
TE Connectivity Q3 2016 Earnings PresentationTE Connectivity Q3 2016 Earnings Presentation
TE Connectivity Q3 2016 Earnings PresentationTEConnectivityltd
 
Investor deck for website 5-16-14 v4
Investor deck for website 5-16-14 v4Investor deck for website 5-16-14 v4
Investor deck for website 5-16-14 v4InvestorSymantec
 

Was ist angesagt? (20)

Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial ResultsRexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
Rexnord Corporation (RXN) Q4 Fiscal Year 2020 Financial Results
 
3Q19 Earnings Presentation (FINAL)
3Q19 Earnings Presentation (FINAL)3Q19 Earnings Presentation (FINAL)
3Q19 Earnings Presentation (FINAL)
 
201310 Risk Aggregation and Reporting. More than Just a Data Issue
201310 Risk Aggregation and Reporting. More than Just a Data Issue201310 Risk Aggregation and Reporting. More than Just a Data Issue
201310 Risk Aggregation and Reporting. More than Just a Data Issue
 
Overview of regulations on audit and accounts 2020
Overview of regulations on audit and accounts 2020Overview of regulations on audit and accounts 2020
Overview of regulations on audit and accounts 2020
 
Financial management modernization at the usda positively impacts mission
Financial management modernization at the usda positively impacts missionFinancial management modernization at the usda positively impacts mission
Financial management modernization at the usda positively impacts mission
 
Lesson 20 Basic Elements of Control
Lesson 20 Basic Elements of ControlLesson 20 Basic Elements of Control
Lesson 20 Basic Elements of Control
 
Marketing Accounting Firms: presentation for the HKICPA
Marketing Accounting Firms: presentation for the HKICPAMarketing Accounting Firms: presentation for the HKICPA
Marketing Accounting Firms: presentation for the HKICPA
 
PFS Web Corporate Presentation January 2016
PFS Web Corporate Presentation January 2016PFS Web Corporate Presentation January 2016
PFS Web Corporate Presentation January 2016
 
Teck’s Q2 2019 Financial Results and Investors’ Conference Call
Teck’s Q2 2019 Financial Results and Investors’ Conference CallTeck’s Q2 2019 Financial Results and Investors’ Conference Call
Teck’s Q2 2019 Financial Results and Investors’ Conference Call
 
TCF 1Q20 Earnings Presentation
TCF 1Q20 Earnings PresentationTCF 1Q20 Earnings Presentation
TCF 1Q20 Earnings Presentation
 
Are Your Internal Controls in Order?
Are Your Internal Controls in Order? Are Your Internal Controls in Order?
Are Your Internal Controls in Order?
 
Banks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingBanks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reporting
 
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
ISA 402 Audit Considerations Relating to an Entity Using a Service OrganisationISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
 
PCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
PCI Media Impact Inc - 2015 FS and OMB Uniform GuidancePCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
PCI Media Impact Inc - 2015 FS and OMB Uniform Guidance
 
Financial audit
Financial auditFinancial audit
Financial audit
 
TCF 2Q20 Earnings Presentation
TCF 2Q20 Earnings PresentationTCF 2Q20 Earnings Presentation
TCF 2Q20 Earnings Presentation
 
Q3 earnings slides final tel
Q3 earnings slides final telQ3 earnings slides final tel
Q3 earnings slides final tel
 
TE Connectivity Q3 2016 Earnings Presentation
TE Connectivity Q3 2016 Earnings PresentationTE Connectivity Q3 2016 Earnings Presentation
TE Connectivity Q3 2016 Earnings Presentation
 
Investor deck for website 5-16-14 v4
Investor deck for website 5-16-14 v4Investor deck for website 5-16-14 v4
Investor deck for website 5-16-14 v4
 
VikramN2015
VikramN2015VikramN2015
VikramN2015
 

Ähnlich wie oig-work-plan

Auditing and Assurance Update on Non-Financial Information
Auditing and Assurance Update on Non-Financial InformationAuditing and Assurance Update on Non-Financial Information
Auditing and Assurance Update on Non-Financial InformationWorkiva
 
What is the procedure for financial statement audit.pdf
What is the procedure for financial statement audit.pdfWhat is the procedure for financial statement audit.pdf
What is the procedure for financial statement audit.pdfRathnakarReddy17
 
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...Taufir Alam
 
Stress Testing Conference - FinRep 6.23.15
Stress Testing Conference - FinRep 6.23.15Stress Testing Conference - FinRep 6.23.15
Stress Testing Conference - FinRep 6.23.15Robert Fournier
 
Wahid’s clarification – the objective of external audit
Wahid’s clarification – the objective of external auditWahid’s clarification – the objective of external audit
Wahid’s clarification – the objective of external auditMohammad Wahid Abdullah Khan
 
Finance Department COSO Implementation Memo
Finance Department COSO Implementation MemoFinance Department COSO Implementation Memo
Finance Department COSO Implementation MemoTownofAddison
 
Pwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwC
 
auditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdfauditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdfowaissayyed0041
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015Mohammad Kashif
 
Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Mohammad Wahid Abdullah Khan
 
Audit Assignments for Chartered Accountants.pdf
Audit Assignments for Chartered Accountants.pdfAudit Assignments for Chartered Accountants.pdf
Audit Assignments for Chartered Accountants.pdfPaul Watson
 

Ähnlich wie oig-work-plan (20)

BKD Operational Assessment
BKD Operational AssessmentBKD Operational Assessment
BKD Operational Assessment
 
Auditing and Assurance Update on Non-Financial Information
Auditing and Assurance Update on Non-Financial InformationAuditing and Assurance Update on Non-Financial Information
Auditing and Assurance Update on Non-Financial Information
 
What is the procedure for financial statement audit.pdf
What is the procedure for financial statement audit.pdfWhat is the procedure for financial statement audit.pdf
What is the procedure for financial statement audit.pdf
 
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...
Audit of Internal Financial Control over Financial Reporting (IFCR) A complet...
 
Stress Testing Conference - FinRep 6.23.15
Stress Testing Conference - FinRep 6.23.15Stress Testing Conference - FinRep 6.23.15
Stress Testing Conference - FinRep 6.23.15
 
Wahid’s clarification – the objective of external audit
Wahid’s clarification – the objective of external auditWahid’s clarification – the objective of external audit
Wahid’s clarification – the objective of external audit
 
Finance Department COSO Implementation Memo
Finance Department COSO Implementation MemoFinance Department COSO Implementation Memo
Finance Department COSO Implementation Memo
 
Mark McKoy - Resume 16
Mark McKoy - Resume 16Mark McKoy - Resume 16
Mark McKoy - Resume 16
 
איל הורוביץ-סוגים של ביקורת
איל הורוביץ-סוגים של ביקורתאיל הורוביץ-סוגים של ביקורת
איל הורוביץ-סוגים של ביקורת
 
CV Nimisha
CV NimishaCV Nimisha
CV Nimisha
 
Pwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter Trends
 
SOX 2016 - PART I - COSO 2013
SOX 2016 - PART I - COSO 2013SOX 2016 - PART I - COSO 2013
SOX 2016 - PART I - COSO 2013
 
auditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdfauditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdf
 
AOP Template
AOP TemplateAOP Template
AOP Template
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015
 
Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...
 
Audit presentation
Audit presentationAudit presentation
Audit presentation
 
06304021
0630402106304021
06304021
 
Audit Assignments for Chartered Accountants.pdf
Audit Assignments for Chartered Accountants.pdfAudit Assignments for Chartered Accountants.pdf
Audit Assignments for Chartered Accountants.pdf
 
Internal auditing for “one & all”
Internal auditing for “one & all”Internal auditing for “one & all”
Internal auditing for “one & all”
 

oig-work-plan

  • 1. February 27, 2015 Current as of ongoing and planned audit and evaluation projects Work Plan
  • 2. Work Plan | Current as of February 27, 2015 Overview The Work Plan presents the audits and evaluations that the Office of Inspector General (OIG) is conducting to assist the Board of Governors of the Federal Reserve System (Board) and the Consumer Financial Protection Bureau (CFPB) in fulfilling their respective missions. Our statutory mandates are our highest priority, and with our remaining resources, we focus on those programs and operations that pose the highest risk to achieving the Board’s and the CFPB’s strategic goals, objectives, and priorities; meeting budgetary and financial commitments; and complying with applicable laws, regulations, and guidance. The Work Plan is updated twice a month. Projects are categorized as ongoing or planned. Entries for ongoing projects include the calendar quarter in which the project is expected to be completed. For a list of completed projects, please view the Audit Reports page on our website. The OIG may be required to perform unanticipated work based on congressional requests, OIG Hotline complaints, new statutory mandates, or other input. Such work, as well as resource constraints, may result in the deferral, cancellation, or modification of projects. Our effectiveness depends on our flexibility to address other priorities as they arise. For congressional, media, or other inquiries, please e-mail oig.media@frb.gov or call John Manibusan at 202-973-5043.
  • 3. Work Plan | Current as of February 27, 2015 Contents Board: Ongoing Projects 1 Board: Planned Projects 5 CFPB: Ongoing Projects 7 CFPB: Planned Projects 10
  • 4. Work Plan | Current as of February 27, 2015 1 of 10 Board: Ongoing Projects with calendar quarter of expected completion Audit of the Board's Diversity and Inclusion Processes First quarter 2015 In response to a congressional request, we initiated an audit of the Board’s diversity and inclusion processes. The objective of this audit is to assess the Board’s personnel operations and other efforts to provide for equal employment opportunities, including equal opportunity for minorities and women to obtain senior management positions, and for racial, ethnic, and gender diversity in the workforce. Our work will include looking at the role of the Board’s Office of Minority and Women Inclusion in these areas. Audit of the Board's STAR Modernization Project First quarter 2015 STAR is the central computer application used by the statistics function at the Federal Reserve Banks and the Board to collect and edit over 75 periodic statistical reports from financial institutions.These data reports are subsequently delivered to end users at the Board, the Federal Reserve Bank of New York’s Trading Desk, and the Federal Reserve Banks’ Economic Research and Banking Supervision Divisions for use in performing their duties regarding monetary policy and supervision and regulation of financial institutions. STAR is also used by the Federal Reserve System’s Reserve Administration function to calculate reserve requirements, monitor reserve balances, and perform other activities. In addition, STAR produces reserve account information that can be used by depository institutions to manage their accounts effectively.The current technology is being updated to better support business needs and to include a server-based environment and support by the Federal Reserve System’s National IT.The Board began decommissioning the legacy STAR system in 2014. Our audit focus includes the adequacy and internal controls of the development process for the new system, including the cost and schedule. In addition, we are determining how security controls are being built into the system. Board Financial Statements as of and for the Years Ended December 31, 2014 and 2013, and Independent Auditors' Reports First quarter 2015 The OIG contracted with an independent public accounting firm to audit the 2014 financial statements of the Board.The OIG will oversee the activities of the independent public accounting firm to ensure compliance with generally accepted government auditing standards and Public Company Accounting Oversight Board auditing standards related to internal controls over financial reporting. Evaluation of the Board's Corporate Services First quarter 2015 The Board continues to provide corporate services, such as Mail Services, Motor Transport services, and Print Shop services, across all divisions. Our objective is to assess the extent to which Board staff use these services and to identify potential economies and efficiencies. Evaluation of the Operational Components of the Board's Law Enforcement Unit (LEU) First quarter 2015 Following the enactment of the USA Patriot Act of 2001, which granted the Board certain law enforcement authorities, the Board increased its security staff to include federal law enforcement officers.The LEU safeguards most Board-designated property and personnel 24 hours a day, 7 days a week.This evaluation is assessing the economy and efficiency of the LEU, including the various operational components within the organization.This review considers the
  • 5. Work Plan | Current as of February 27, 2015 2 of 10 LEU’s staffing models, cost reduction efforts in process, and potential enhancements to LEU operations that may use security technology more effectively. Federal Financial Institutions Examination Council (FFIEC) Financial Statements as of and for the Years Ended December 31, 2014 and 2013, and Independent Auditors' Reports First quarter 2015 The OIG contracted with an independent public accounting firm to audit the 2014 financial statements of the FFIEC. (The Board performs the accounting function for the FFIEC.) The OIG will oversee the activities of the independent public accounting firm to ensure compliance with generally accepted government auditing standards. In-Depth Review of the Failure of Waccamaw Bank First quarter 2015 We determined that the failure of Waccamaw Bank, located in Whiteville, North Carolina, presented unusual circumstances warranting an in-depth review. When a loss to the Deposit Insurance Fund presents unusual circumstances, section 38(k) of the Federal Deposit Insurance Act, as amended by the Dodd-Frank Act, requires that the Inspector General conduct a material loss review. As required by the provisions of section 38(k), we are • reviewing the agency’s supervision of the failed institution, including the agency’s implementation of prompt corrective action • ascertaining why the institution’s problems resulted in a material loss to the Deposit Insurance Fund • making recommendations for preventing any such loss in the future Security Control Review of the Board’s C-SCAPE System First quarter 2015 The Federal Information Security Management Act of 2002 requires that each agency Inspector General evaluate a representative subset of the agency’s information systems. As part of meeting this requirement, we are conducting a security control review of the Board’s Consolidated Supervision Comparative Analysis, Planning and Execution (C-SCAPE) system. C-SCAPE is a data input and reporting tool used to support the supervisory program. C-SCAPE is intended to support the Large Institution Supervision Coordinating Committee’s reengineered supervisory processes for large banking organizations, foreign banking organizations, and financial market utilities. Our specific audit objective is to evaluate the adequacy of certain control techniques designed to protect data in the system from unauthorized access, modification, destruction, or disclosure. Evaluation of the Division of Banking Supervision and Regulation's (BS&R) Model Risk-Management Practices for Models Used in Support of the Annual Comprehensive Capital Analysis and Review (CCAR) Second quarter 2015 CCAR is the largest initiative of the Operating Committee of the Large Institution Supervision Coordinating Committee. CCAR is a supervisory assessment of the capital planning processes and capital adequacy of the largest, most complex bank holding companies. We are reviewing BS&R’s model risk-management practices, including model validation activities, for the supervisory models used in support of the CCAR stress testing. Audit of the Board's Data Governance Third quarter 2015 Strategic theme 2 of the Board’s Strategic Framework 2012–15 calls for redesigning data governance and management processes to enhance the Board’s data environment in the wake of the Board’s expanded
  • 6. Work Plan | Current as of February 27, 2015 3 of 10 mandates under the Dodd-Frank Act.Theme 2 objectives consist of improving data governance by establishing a new Office of the Chief Data Officer and ensuring clear roles and responsibilities among data users and the Board Data Council; ensuring that all enterprise data are appropriately handled, processed, stored, and disseminated; and strengthening the Board’s data environment by establishing an infrastructure to share data and improve data integration. Our audit is focused on obtaining information on the current plans and activities to achieve the theme 2 strategic objectives and the progress made, including efforts to share data among divisions and achieve potential efficiencies in the procurement of data. Audit of the Financial Stability Oversight Council's (FSOC) Oversight of Interest Rate Risk Third quarter 2015 In 2014, the Council of Inspectors General on Financial Oversight (CIGFO) convened a working group to audit FSOC’s oversight of interest rate risk. As the independent oversight entity of the Board and the CFPB, the OIG is a member of CIGFO and the working group.The audit objective is to assess the extent to which FSOC is overseeing interest rate risk to the financial system.The CIGFO working group plans to issue a report to FSOC in April 2015. Audit of the Board's Public Release of Economic Information Fourth quarter 2015 The Board produces several economic publications and statistical releases on a periodic schedule. Many of these releases have the potential to influence market trading; therefore, the Board needs to have sufficient controls over the release of this sensitive information to the public. We are auditing the Board’s processes to ensure that these data are properly safeguarded on the day of issuance. Evaluation of the Examination Approach Used to Assess Office of Foreign Assets Control (OFAC) Compliance Fourth quarter 2015 In the past few years, there have been high-profile instances of foreign banking organizations (FBOs) operating in the United States that were facilitating payments to prohibited entities on OFAC’s list of specially designated nationals.The Federal Financial Institutions Examination Council’s Bank Secrecy Act/ Anti-Money Laundering Examination Manual contains specific examination procedures for assessing OFAC compliance programs.This evaluation seeks to assess the effectiveness of the Board’s and the Federal Reserve Banks’ approach to examining the OFAC compliance programs for FBOs operating in the United States. This evaluation will assess the extent to which the current examination approach to OFAC compliance should be updated based on (1) lessons learned from these incidents or (2) evolving expectations for OFAC compliance programs based on recent updates to the sanctions list. Evaluation of the Federal Reserve System’s Practices for Addressing Divergent Views and Making Supervisory Decisions for Large Banking Holding Companies First quarter 2016 In response to a request from the Board dated November 17, 2014, the OIG is conducting an evaluation of the Federal Reserve System’s practices for addressing divergent views and making supervisory decisions regarding large bank holding companies. The Board requested that we initiate a review related to the manner in which the Federal Reserve System conducts examinations of bank holding companies with total assets in excess of $50 billion, known as Large Institution Supervision Coordinating Committee (LISCC) firms and large banking organizations (LBOs). As part of our project, we also plan to evaluate the effectiveness of continuous monitoring as a supervisory tool for LISCC firms and LBOs. Our objectives are to (1) assess the methods for Federal Reserve System decisionmakers to obtain material
  • 7. Work Plan | Current as of February 27, 2015 4 of 10 information necessary to ensure that decisions and conclusions resulting from supervisory activities at LISCC firms and LBOs are appropriate, supported by the record, and consistent with applicable policies; (2) determine whether there are adequate channels for Federal Reserve System decisionmakers to be aware of supervision staff’s divergent views about material issues regarding LISCC firms and LBOs; and (3) assess the effectiveness of continuous monitoring as a supervisory tool for LISCC firms and LBOs. Our work will include reviewing applicable Board and Federal Reserve Bank policies and procedures, meeting with staff from the Board and the Federal Reserve Banks, and reviewing documentation associated with supervisory activities. We plan to visit a sample of Federal Reserve Banks that have responsibility for supervising LISCC firms and LBOs. This project is an evaluation conducted pursuant to the Council of the Inspectors General on Integrity and Efficiency’s Quality Standards for Inspection and Evaluation and is not a criminal, civil, or administrative investigation. Unlike investigations conducted by law enforcement officials that may assess the actions of individual employees, auditors conduct evaluations that assess the effectiveness and efficiency of agency programs and operations. Our evaluations typically result in reports issued to Board officials that often include recommendations designed to improve the efficiency and effectiveness of the agency’s operations, programs, and policies.
  • 8. Work Plan | Current as of February 27, 2015 5 of 10 Board: Planned Projects Audit of the Board's Contract Administration According to a recent U.S. Government Accountability Office report, agencies across the federal government increasingly rely on contractors to execute their missions.The government needs strong controls to provide reasonable assurance that these contract funds are not being lost to improper payments, waste, or mismanagement. Effective contract oversight, which includes effective internal controls throughout the contracting process, is essential to protecting government and taxpayer interests. Our focus will be to identify and assess the effectiveness of internal controls related to contract administration. Audit of the Board's C-SCAPE Project Building on lessons learned from the recent financial crisis, the Federal Reserve System has taken a number of important steps to improve its supervisory program for large financial institutions.The Consolidated Supervision Comparative Analysis, Planning and Execution (C-SCAPE) application is a data input and reporting tool used to support the supervisory program. C-SCAPE is intended to support the Large Institution Supervision Coordinating Committee’s reengineered supervisory processes for large banking organizations, foreign banking organizations, and financial market utilities. C-SCAPE is being updated to match the new framework for the consolidated supervision of large financial institutions. Our focus will be to identify and assess the effectiveness of internal controls related to project management, including the oversight provided by the Investment Review Board. Audit of the Board's Process for Supervisory Assessments of Large Bank Holding Companies and Savings and Loan Holding Companies The Dodd-Frank Act directed the Board to collect assessments, fees, and other charges for bank holding companies, savings and loan holding companies, and nonbank financial companies supervised by the Board. The collection process is new to the Board; the Federal Reserve System has not previously assessed supervised entities to cover expenses related to supervision. In addition, this process requires a coordinated effort among various divisions at the Board and with the Federal Reserve Banks.The Board issued a final rule in August 2013 that further describes the collection process for the supervised entities. We plan to evaluate the Board’s internal controls related to the collection of these assessment fees as well as their disbursement. Audit of the Board's Strategic Plan Implementation and Governance Effective strategic planning helps organizations identify priorities and mitigate risks to achieving their missions. The Board’s Strategic Framework 2012–15 contains six themes, including the importance of strengthening governance over its management processes to enable the effective implementation of the strategic framework’s goals. We plan to assess the Board’s implementation of its strategic plan, including how it measures strategic outcomes, identifies potential risks or challenges, establishes accountability, and monitors progress in implementing the framework. Board Security Control Reviews The Federal Information Security Management Act of 2002 requires that each agency Inspector General evaluate a representative subset of the agency’s information systems, including third-party systems.To meet this requirement, we will conduct security control reviews of a sample of the Board’s major applications and general support system components throughout the year. We will use automated audit scanning tools to assist with conducting the security control reviews. For 2014, we plan to focus our scanning on web application, mainframe, VMware, Apache, and IIS technologies.
  • 9. Work Plan | Current as of February 27, 2015 6 of 10 Evaluation of Systemically Important Financial Institutions Supervision Teams: Preserving and Transferring Institutional Knowledge Within and Between Supervisory Teams Preserving and transferring institutional knowledge contributes to effective supervision, particularly in light of examiner rotation requirements, examiner turnover, and the Board’s and the Reserve Banks’ evolving supervisory responsibilities.This evaluation will assess Board guidance and the controls implemented by the Federal Reserve Banks of New York, San Francisco, Richmond, and Boston (the Reserve Banks responsible for supervising the systemically important financial institution portfolio) to evaluate the best practices for preserving and transferring institutional knowledge (1) within a supervisory team and (2) from an existing supervisory team to a new team. Failed Bank Reviews Section 38(k) of the Federal Deposit Insurance Act, as amended by the Dodd-Frank Act, requires that the Inspector General of the appropriate federal banking agency review the agency’s supervision of a failed institution when the associated losses to the Deposit Insurance Fund are above the materiality threshold or are at or below the threshold but exhibit unusual circumstances warranting an in-depth review. In such cases, the Inspector General must prepare a report in a manner consistent with the requirements of a material loss review. For losses to the Deposit Insurance Fund that occurred from January 1, 2012, through December 31, 2013, a $150 million threshold applies; for all such losses occurring on or after January 1, 2014, the materiality threshold is $50 million.
  • 10. Work Plan | Current as of February 27, 2015 7 of 10 CFPB: Ongoing Projects with calendar quarter of expected completion Audit of the CFPB's Contract Management Process First quarter 2015 The CFPB’s procurement process follows the requirements established by the Federal Acquisition Regulation, which is the primary regulation governing the acquisition of supplies and services by all federal executive agencies.This audit is a follow-on to the evaluation of the CFPB’s contract solicitation and selection process. Our focus will be on the CFPB’s contract management processes, compliance with applicable rules established by the Federal Acquisition Regulation, and the effectiveness of the CFPB’s internal controls related to contract management. Audit of the CFPB's Diversity and Inclusion Processes First quarter 2015 In response to a congressional request, we initiated an audit of the CFPB’s diversity and inclusion processes. The objective of this audit is to assess the CFPB’s personnel operations and other efforts to provide for equal employment opportunities, including equal opportunity for minorities and women to obtain senior management positions, and for racial, ethnic, and gender diversity in the workforce. Our work will include looking at the role of the CFPB’s Office of Minority and Women Inclusion in these areas. Audit of the CFPB's Headquarters Renovation Costs First quarter 2015 In June 2014, we completed a review and issued a letter report in response to a request from the Chairman of the Subcommittee on Oversight and Investigations, House Committee on Financial Services, regarding the CFPB’s headquarters renovation budget. As a follow- on to this work, we are evaluating the reasonableness of the overall estimated and proposed costs for the CFPB’s headquarters renovation. We will also assess the effectiveness of the CFPB’s processes and controls for approving, managing, and documenting headquarters renovation costs and project decisions. Audit of the CFPB's Public Consumer Complaint Database First quarter 2015 In June 2012, the CFPB became the first federal regulator to publicly share individual-level consumer financial complaint data. While the Consumer Complaint Database initially contained only credit card complaints, the CFPB has extended the database to other consumer financial products and services covered by the CFPB. Our audit objective is to assess the effectiveness of the CFPB’s controls over the accuracy and completeness of the public complaint database. Audit of the CFPB's Space-Planning Activities First quarter 2015 The CFPB is in the process of renovating its headquarters building. As the CFPB continues to add personnel and simultaneously manage office space allocation, the funds to be expended for the renovation as well as for the additional space required for displaced and new employees will likely be significant. We will determine whether the CFPB has established adequate controls to properly manage its space needs and whether the CFPB is complying with applicable requirements. Audit of the CFPB's Tableau System First quarter 2015 The Federal Information Security Management Act of 2002 (FISMA) requires that each agency Inspector General evaluate a representative subset of the agency’s information systems, including third-party systems. As part of meeting this requirement, we are conducting a
  • 11. Work Plan | Current as of February 27, 2015 8 of 10 security control review of the CFPB’s Tableau system. Tableau is an application used to develop, publish, and view business intelligence data. Our focus is to review the adequacy of certain security controls designed to protect data in the system from unauthorized access, modification, destruction, or disclosure. Evaluation of the CFPB's Hiring Process First quarter 2015 In accordance with section 1013(a)(1)(B) of the Dodd- Frank Act, the Director of the CFPB “is authorized to employ attorneys, compliance examiners, compliance supervision analysts, economists, statisticians, and other employees as may be deemed necessary to conduct the business of the Bureau.”We initiated this evaluation in response to the CFPB’s volume of hiring and its establishment of field offices.The objective of our evaluation is to assess the efficiency and effectiveness of certain CFPB recruitment and selection subprocesses, including (1) assessment and vacancy announcement creation, (2) hiring authority and vacancy announcement posting, and (3) evaluation and selection of candidates. We are also evaluating the agency’s compliance with applicable laws, regulations, and policies.This evaluation includes a review of competitive service, excepted service, and special program hiring practices. In addition, we are reviewing the CFPB’s administration of recruitment and selection incentives to recruit new employees. Joint Evaluation of Coordination Between the CFPB and Other Regulatory Agencies First quarter 2015 The Board-CFPB OIG, the Federal Deposit Insurance Corporation OIG, the National Credit Union Administration OIG, and the U.S. Department of the Treasury OIG are conducting an evaluation of the coordination between the CFPB and other regulatory agencies with respect to conducting supervisory activities.The Dodd-Frank Act requires the CFPB to coordinate its supervisory activities with the federal prudential regulatory agencies and state financial regulatory authorities. In June 2012, the CFPB and the prudential regulatory agencies issued a memorandum of understanding to clarify how the agencies will coordinate their supervisory activities.The objective of the evaluation is to confirm that the required coordination is occurring and has been effective in avoiding conflicts or duplication of efforts. Security Control Review of the CFPB's DT Complaints Database First quarter 2015 The Federal Information Security Management Act of 2002 requires that each agency Inspector General evaluate a representative subset of the agency’s information systems. As part of meeting this requirement, we are conducting a security control review of the CFPB’s DT Complaints Database.The DT Complaints Database supports the CFPB’s Public Consumer Complaint Database. Our specific audit objective is to evaluate the adequacy of certain control techniques designed to protect data in the system from unauthorized access, modification, destruction, or disclosure. Audit of the CFPB's Distribution of Funds From the Civil Penalty Fund Second quarter 2015 The Dodd-Frank Act established the Civil Penalty Fund.The CFPB must deposit any civil penalty it obtains in any judicial or administrative action under federal consumer financial law into the fund.The CFPB is to use the funds collected to compensate consumers who were harmed by activities for which civil penalties have been imposed.To the extent that victims cannot be located or payment is not practicable, the CFPB may use the funds for consumer education and financial literacy programs. Our audit is focused on internal controls related to the administration of the Civil Penalty Fund. Specifically, our audit will assess the efficiency and effectiveness of the process for identifying victims.
  • 12. Work Plan | Current as of February 27, 2015 9 of 10 Evaluation of the Effectiveness of the CFPB's Examination Workpaper Documentation Second quarter 2015 The CFPB’s Supervision and Examination Manual (version 2.0) summarizes the agency’s expectations for workpaper documentation to support the results of its examination activity.The manual describes the following three principal purposes for workpaper documentation: (1) providing a record of the work performed that supports examination results, (2) maintaining the evidence necessary to support supervisory agreements or formal enforcement actions, and (3) facilitating internal quality control reviews. This evaluation will assess the CFPB’s policies and procedures for documenting examination results, the training programs and materials used to implement workpaper documentation expectations, and the extent to which each of the CFPB’s regions meets those expectations.
  • 13. Work Plan | Current as of February 27, 2015 10 of 10 CFPB: Planned Projects Audit of the CFPB's Pay and Compensation Program The CFPB is required by the Dodd-Frank Act to provide employees with compensation and benefits that, at a minimum, are comparable to those of the Board, regardless of any otherwise applicable provisions of title 5 of the United States Code. We plan to audit the CFPB’s pay and compensation program for compliance with applicable statutory requirements.This audit will include assessing the controls around setting employees’ pay. Evaluation of the CFPB Enforcement Office's Processes for Protecting Confidential Information The Enforcement office within the Division of Supervision, Enforcement, and Fair Lending routinely possesses confidential information as a result of the agency exercising its enforcement powers under title X, subtitle E, of the Dodd-Frank Act. For example, the CFPB can issue civil investigative demands to compel document production when the CFPB has reason to believe that a violation of federal consumer financial law has occurred.This evaluation will assess the Enforcement office’s regulations, policies, and procedures for safeguarding confidential information and the effectiveness of its controls designed to maintain the confidentiality of such information. Evaluation of the CFPB's Compliance With the Requirements for Issuing Civil Investigative Demands (CIDs) Section 1052(c) of the Dodd-Frank Act authorizes the CFPB to issue CIDs when the agency has reason to believe that a person has documentary materials, tangible things, or any other information relevant to a possible violation of federal consumer financial law. These CIDs may be issued to produce documents, produce tangible things, or compel testimony. Section 1052(c) contains a series of compliance requirements related to the use of CID authority, ranging from mandatory content requirements to procedures for issuing CIDs.This evaluation will assess the CFPB’s (1) policies and procedures for issuing CIDs, (2) training programs and materials related to the issuance of CIDs, and (3) compliance with section 1052(c)’s requirements, applicable regulations, and the agency’s policies and procedures for issuing CIDs.