The NCUA's Office of the Inspector General released its list of 2016 audits as part of its performance plan for the coming year.

Among the audits slated for 2016 are a review of NCUSIF material losses of more than $25 million, as required by the Dodd-Frank Act. The audit will determine causes for credit union failures and the resulting loss to the NCUSIF, and will assess the NCUA's supervision of the credit unions.

The Federal Information Security Management Act requires the OIG to evaluate the agency's IT security policies, procedures and practices, as well perform an assessment of compliance and privacy mandates. The OIG must determine if the agency was in compliance with FISMA and prepare an annual report for the Office of Management and Budget on the NCUA's IT security management program.

Further, the Inspector General will conduct a review of the agency's purchase and travel card program; participate in a joint review of NCUA's closing package to support the Sept. 30 year-end government-wide consolidated financial statements, along with the OMB, the Department of Treasury's Financial Management Service and the Government Accountability Office. It will also conduct a review of the NCUA's reporting entities, including the NCUSIF, the NCUA operating fund, Central Liquidity Facility, Community Development Revolving Loan Fund and Temporary Corporate Credit Union Stabilization Fund for reports to be released by Feb. 15, 2017.

The OIG will also evaluate the NCUA's DATA Act readiness review on reports containing financial and payment data.

In addition, the OIG is considering a discretionary audits to determine whether the NCUA provides adequate oversight of credit union cybersecurity to assess whether credit unions are taking sufficient measures to protect the confidentiality, availability, and integrity of credit union assets and sensitive credit union data.

Also, it will determine whether the NCUA's procurement process is fair and effective and determine whether NCUA examiners adequately assess credit union real estate loan portfolios, associated risks and credit union actions to mitigate the risks.

The OIG will also determine whether the NCUA adequately limits or controls employee and contractors access to sensitive NCUA and credit union data stored within the NCUA's IT infrastructure, and assess the NCUA's Office of Small Credit Union Initiatives' process over eligibility determination when selecting grant recipients, and determine whether grant expenditures are used for their intended purposes.

Instant Insights /

Cybersecurity on 2016 NCUA OIG Audit List

Related Stories

Recommended For You