1: Federal Reserve Board’s Programs and Operations 1.1.1: Financial Statement Audits 1.3.4: Internal Functions & Operations 1.3.4.1: Security Requirements 1.3.4.2: Procurement & Contracts 1.3.4.3: Information Technology 1.2.1: Monetary Policy Making Assessment 1.2.2: Security Investigations 1.2.3: Sensitive Information Systems 1.2.4: Recruitment & Retention 1.3.2: Nonbank Financial Companies 1.3.3: Large Banks & Important Nonbank Financial Companies 1.3.4: Savings & Loan Holding Companies 1.3.5: Supervision & Financial Stability 1.4.1: Payment, Clearing & Settlement Services 1.4.3: Reserve Bank Review Process 1.4.4: Law Enforcement Operations 1.5: Consumer & Community Affairs 2: Bureau of Consumer Financial Protection’s Programs & Operations 2.1: Governance, Functions & Operations 2.1.1: Planning, Governance & Controls 2.1.6: Information Systems & Security 2.1.7: Physical Infrastructure 2.3: Supervision & Enforcement 2.5: Financial Products & Services 2.7: Fraud, Waste, Abuse & Misconduct 3: OIG’s Operations & Communications 3.1.2: Career Development & Succession Planning 3.1.4: Performance Environment 3.3.2: Information, Cooperation & Coordination 3.5: Technology Infrastructure 3.5.2: Project Management Software | StrategicPlan Strategic Plan 2011 – 2015 The Office of Inspector General (OIG)is pleased to present its Strategic Plan 2011 – 2015. Since we issued our last plan, the global financial crisis has resulted in sweeping changes in the financial sector and the enactment of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). Among other things, the Dodd-Frank Act expanded the responsibilities of the Board of Governors of the Federal Reserve System (Board). In addition, it created the Bureau of Consumer Financial Protection (Bureau)to implement and enforce federal consumer financial protection law and designated our office as the Bureau’s OIG. These changes are reflected in this Strategic Plan. We will continue to have a results-oriented and risk-focused vision for our office. Our first priority will be to meet our statutory and legislative requirements. We also plan to target our resources on those Board and Bureau programs and operations that pose the highest risk to achieving their respective strategic goals, objectives, and priorities; meeting budgetary and financial commitments; and complying with applicable laws, regulations, and guidance. Internally, we will continue to build our human resources, communications, business processes, and technological infrastructure to achieve our goals and objectives. Further, we will seek to build constructive and strategic working relationships with our stakeholders that will enhance our ability to achieve results. Ultimately, we will work to improve the economy, efficiency, and effectiveness of Board and Bureau programs and operations; prevent and detect fraud, waste, and abuse; and strengthen accountability to Congress and the public. Source: Start: 2011-04-29 End: 2015-09-30 Publication Date: 2013-05-11
The OIG promotes positive change, achieves results, fosters constructive working relationships with stakeholders, and protects the public interest through independent and risk-focused oversight of Board and Bureau programs and operations. The Office of Inspector General (OIG) conducts independent and objective audits, inspections, evaluations, investigations, and other reviews related to the programs and operations of the Board of Governors of the Federal Reserve System (Board) and the Bureau of Consumer Financial Protection (Bureau). Through this work, the OIG promotesintegrity, economy, efficiency, and effectiveness; helps prevent and detect fraud, waste, and abuse; and strengthensthe agencies’ accountability to Congress and the public. Through our oversight role, the OIG supports • the Board in fostering the stability, integrity, and efficiency of the nation’s monetary, financial, and payment systems to promote optimal macroeconomic performance; and • the Bureau in implementing and enforcing federal consumer financial law to ensure that consumers have access to fair, transparent, and competitive financial markets, products, and services. Values Independence: Independence is a fundamental value guiding the OIG’s operations and our relationship with the Board and the Bureau. In all matters, we will make independent and objective judgmentsfree from • undue internal and external influences or pressures or other organizational impairments. • actual or perceived personal bias, financial conflicts of interest, or other personal impairments or conflicts of interest. Integrity: The OIG adheres to the highest standards of integrity in its dealings with its stakeholders, including the Board, the Bureau, Congress, and the public. We will • operate under the highest ethical principles. • be honest, candid, and fair. • conduct our work in an objective, fact-based, non-partisan, and non-ideological manner. • use government information, resources, and positions for official purposes only. Excellence: Achieving our mission demands quality; high performance standards; and an experienced, skilled, and motivated professional workforce. We will • provide high-quality results on time and in a fiscally responsible manner. • issue well-supported reports that make constructive recommendations to address problems and issues, with proper consideration of the Board’s and the Bureau’s missions, goals, functions, and risks. • direct our recruitment, hiring, training and development, assignment, and evaluation processes to ensure a highly competent workforce with the appropriate knowledge, skills, and abilities. • build efficiency, effectiveness, quality assurance, and security into our technology infrastructure, internal operations, and work processes. Professionalism: We effectively use our knowledge, skills, and experience to perform our duties, in good faith and with integrity. In our day-to-day work, we will • exercise good judgment and common sense. • treat others with respect and dignity. • follow applicable laws, regulations, and standards. • conduct our work in a constructive manner. Empowerment: The OIG recognizes the need to effectively manage its human resources and remains committed to ensuring a working environment that empowers employee initiative, productivity, accountability, and professional growth. We will • reward for excellence. • foster continuous improvement. • promote teamwork, innovative thinking, and information sharing. • provide work-life balance that strives to be family-friendly and considers organization and employee goals and objectives. Diversity: The OIG recognizes and respects individuals’ differences and unique contributions, and fosters a work environment that optimizes the potential of all employees. We will • seek to recruit and maintain a diverse workforce. • treat employees fairly and equitably. • respect cultural differences. • foster continuing education. Public Interest: The public interest is defined as the collective well-being of the community of people and entities that we serve. We will seek to • protect the public interest. • preserve the public trust. Goal 1: Federal Reserve Board’s Programs and Operations Enhance Economy, Efficiency, and Effectiveness; Limit Risk; Detect and Prevent Fraud and Abuse; and Ensure Compliance in the Federal Reserve Board’s Programs and Operations Objective(s): 1.1.1: Financial Statement Audits 1.3.4: Internal Functions & Operations 1.3.4.1: Security Requirements 1.3.4.2: Procurement & Contracts 1.3.4.3: Information Technology 1.2.1: Monetary Policy Making Assessment 1.2.2: Security Investigations 1.2.3: Sensitive Information Systems 1.2.4: Recruitment & Retention 1.3.2: Nonbank Financial Companies 1.3.3: Large Banks & Important Nonbank Financial Companies 1.3.4: Savings & Loan Holding Companies 1.3.5: Supervision & Financial Stability 1.4.1: Payment, Clearing & Settlement Services 1.4.3: Reserve Bank Review Process 1.4.4: Law Enforcement Operations 1.5: Consumer & Community Affairs Other Information: Through our oversight role, the OIG supports the Board’s mission to foster the stability, integrity, and efficiency of the nation’s monetary, financial, and payment systems to promote optimal macroeconomic performance. The IG Act establishes broad requirements for conducting independent audits, investigations, inspections, evaluations, and other reviews of the Board’s programs and operations. As discussed earlier, we have other legislative mandates to conduct specific work in Board programs, activities, or functions, and we have identified additional areas that are high risk or otherwise warrant our review. We will focus our Goal 1 oversight efforts on the strategic objectives described below. Objective 1.1: Governance Oversight Continue to oversee Board governance Objective 1.1.1: Financial Statement Audits Contract with an independent public accounting (IPA) firm to annually audit the financial statements of the Board and the FFIEC. Stakeholder(s): Federal Reserve Board FFIEC Other Information: The Board’s and the FFIEC’s annual financial statement audits. In 1988, the Board delegated to the OIG the authority to contract for the annual independent audit of the Board’s financial statements, consistent with the IG Act’s requirement that audit-like functions being performed by the Board be transferred to the OIG. Section 726 of the Gramm-Leach-Bliley Act of 1999 amended the Federal Reserve Act by adding section 11B, which mandated annual independent audits of the financial statements of each Federal Reserve Bank and of the Board, thus codifying the Board’s long-standing practice that such audits be conducted. The OIG contracts with an independent public accounting (IPA) firm to annually audit the financial statements of the Board and the FFIEC (the Board performs the accounting function for the FFIEC). The OIG oversees the activities of the IPA firm to ensure compliance with generally accepted government auditing standards and certain Public Company Accounting Oversight Board auditing standards. The audit objective is to express an opinion on the Board’s and the FFIEC’s financial statements and obtain reasonable assurance about whether the financial statements are free of material misstatement. The auditors also assess the Board’s and the FFIEC’s compliance with certain laws and regulations. The IPA firm also expresses an opinion on the operating effectiveness of the Board’s internal controls over financial reporting, in accordance with Government Auditing Standards and the Public Company Accounting Oversight Board Auditing Standard No. 5 based upon criteria established in the Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission. Objective 1.1.2: Information Security Identify and perform programmatic audits, inspections, and evaluations on information security topics. Other Information: The Board’s information security program. FISMA requires agencies to ensure the effectiveness of information security controls over information resources that support federal operations and assets. FISMA requires that each agency develop and implement an agency-wide program to provide information security throughout the life cycle of all agency systems, including systems managed on behalf of the agency by another agency, a contractor, or another source. FISMA also requires that each OIG conduct an annual independent evaluation of their respective agency’s information security program and practices. The evaluation is designed to test the effectiveness of controls and techniques for a representative subset of the agency’s information systems and to assess compliance with FISMA requirements. In April 2010, the Office of Management and Budget (OMB) issued new reporting requirements for OIGs’ analysis of their respective agency’s information security management performance, to include the following areas: certification and accreditation, continuous monitoring, plans of action and milestones, account and identity management, remote access, security configuration management, security training, contractor oversight, contingency planning, and incident response and reporting. To optimize our IT resources, we will continue to rotate our review of the major systems maintained by the Board, as well as the Federal Reserve Bank systems used in support of Board programs and operations. We will also identify and perform programmatic audits, inspections, and evaluations on information security topics to help fulfill our statutory requirement to evaluate the Board’s overall security program and practices and to respond to areas of interest identified by OMB as part of its annual reporting guidance. Objective 1.1.3: Law Enforcement Conduct biennial audits, inspections, and evaluations of the LEU and PSU. Stakeholder(s): FRB's Law Enforcement Unit (LEU):
The LEU consists of uniformed officers who are responsible for protecting and safeguarding the premises, grounds, property, personnel, and operations conducted by or on behalf of the Board. FRB's Protective Services Unit (PSU):
The PSU’s mission is to protect the Board’s Chairman. Other Information: The Board’s law enforcement activities. The USA PATRIOT Act granted the Board certain federal law enforcement authorities and established the Board’s Law Enforcement Unit (LEU) and Protective Services Unit (PSU)... To implement its authorities, the Board promulgated the Uniform Regulations for Federal Reserve Law Enforcement Officers, which designated the Board’s OIG as the EOF responsible for reviewing and evaluating the Board’s law enforcement programs and operations. We fulfill our EOF responsibilities by conducting biennial audits, inspections, and evaluations of the LEU and PSU. We plan to address topics such as force structure and deployment, contingency planning and readiness, training, performance evaluations, use of equipment and technology, firearms and ammunition inventory procedures, and succession planning. Objective 1.3.4: Internal Functions & Operations Other Information: The Board’s internal management functions and operations. The Board’s internal management function covers many diverse responsibilities, including financial management, human resource management, facilities management, security, legal services, records management, publications and communication, and information technology management. Budgeting and staffing considerations associated with increased work demands related to the financial crisis and Dodd-Frank Act requirements will continue to place competing pressures on the Board’s infrastructure, and staff will be challenged to maintain cost-effective, quality support to all of the Board’s mission areas. Our level of effort will continue to be commensurate with the varied programmatic responsibilities and resulting significant resource commitments of the Board’s internal operations. To continue providing value-added support to the Board’s internal operations over the next five years, we envision focusing on the following areas: Objective 1.3.4.1: Security Requirements Analyze the emerging threats, the associated risks, and the Board’s mitigation strategies to identify additional opportunities to assist the Board in maintaining a secure environment. Stakeholder(s): Federal Reserve Board Other Information: Ongoing and emerging security requirements, including physical and technological infrastructures, and continuity of operations. Threats to both physical and information security will continue, and likely increase, in the coming years. Beyond our legislatively-mandated responsibilities under FISMA and the USA PATRIOT Act, we will also analyze the emerging threats, the associated risks, and the Board’s mitigation strategies to identify additional opportunities to assist the Board in maintaining a secure environment conducive to efficient and effective operations. Objective 1.3.4.2: Procurement & Contracts Ensure that adequate controls are in place throughout the procurement and contracting processes. Other Information: Procurement and contract management activities. Investments in infrastructure enhancements—both physical and technological—will require potentially large acquisitions and capital outlays. Our work in this area will be designed to ensure that adequate controls are in place throughout the procurement and contracting processes and will include evaluating the reliability and integrity of reported information; compliance with laws, regulations, policies, and procedures; and the economical and efficient use of Board resources. Based on the resources and risks involved, we will monitor and evaluate the Board’s Martin building renovation and visitors center design project. Objective 1.3.4.3: Information Technology Monitor the life-cycle management process for high-profile Board IT projects to help ensure that IT division resources and best practices are efficiently and effectively used and that security controls are properly included. Stakeholder(s): FRB's Division of IT Other Information: Information technology life-cycle management. One of the objectives of the Board’s Division of IT is to provide quality support for customer projects in a timely manner. To support this objective, the IT division has developed a quality assurance process designed to ensure that systems developed, deployed, and maintained by the division meet the business requirements of its client community and follow standard quality processes to reduce business risks. We plan to monitor the life-cycle management process for high-profile Board IT projects to help ensure that IT division resources and best practices are efficiently and effectively used and that security controls are properly included in the application development process. Objective 1.3.4.4: HR & Training Examine the Board’s HR and training activities to assess their effectiveness. Stakeholder(s): Federal Reserve Board Other Information: Human resources (HR) and training. Maintaining a well-qualified, diverse staff remains a challenge for the Board. Tight labor markets for key job families can constrain the Board’s ability to recruit and retain certain highly skilled staff. Staff training also can provide challenges. We plan to examine the Board’s HR and training activities to assess their effectiveness. In addition, the Dodd-Frank Act requires that the Board and each Federal Reserve Bank establish a diversity and inclusion office that will be responsible for matters relating to diversity in management, employment, and business activities. Specifically, the Board’s office will focus on fostering diversity in Board procurements, with attention on minority-owned and women-owned businesses, and playing an integral role in the development of standards to assess the diversity practices of the entities the Board regulates. We plan to review the office’s activities to assess whether they appropriately implement the requirements of the Dodd-Frank Act. Objective 1.2: Functional Reviews Review the Board’s functions related to monetary policy and financial stability. Stakeholder(s): Federal Reserve Board Federal Open Market Committee (FOMC) FRB's Division of Monetary Affairs FRB's Division of Research and Statistics FRB's Division of International Finance Other Information: The members of the Board comprise a majority of the voting membership of the Federal Open Market Committee (FOMC), which is responsible for the conduct of the nation’s monetary policy. The goals of monetary policy are specified in the Federal Reserve Act, which indicates that the Board of Governors and the FOMC should seek “to promote effectively the goals of maximum employment, stable prices, and moderate long-term interest rates.” Board staff support this responsibility by conducting research and performing analysis related to domestic and international financial and economic matters. These activities are mainly carried out by the Division of Monetary Affairs, the Division of Research and Statistics, and the Division of International Finance. Objective 1.2.1: Monetary Policy Making Assessment Assess the economy, efficiency, and integrity of the processes and activities of the Board that support monetary policymaking. Stakeholder(s): Federal Reserve Board Other Information: The Board’s monetary policy activities and process. The OIG is authorized to assess the economy, efficiency, and integrity of the processes and activities of the Board that support monetary policymaking. The OIG will initiate an overall scoping review to determine those areas most appropriate for detailed review. Objective 1.2.2: Security Investigations Investigate apparent breaches of FOMC information security. Stakeholder(s): FOMC FOMC General Counsel Other Information: Security of sensitive information. The Board and the FOMC have agreed that the Board’s IG will be responsible for investigating apparent breaches of FOMC information security whenever such an investigation is requested by the FOMC’s General Counsel, who is also the General Counsel for the Board. Objective 1.2.3: Sensitive Information Systems Assess Board information systems that collect, employ, and maintain data to support the monetary policy-related activities and processes. Stakeholder(s): Federal Reserve Board Other Information: Security controls over sensitive information systems. Secure handling and transmission of economic information and data is a paramount concern. Our FISMA work will include assessing Board information systems that collect, employ, and maintain data to support the monetary policy-related activities and processes. Our work may include identifying best practices for handling sensitive economic data to determine whether opportunities exist to enhance the Board’s practices. Objective 1.2.4: Recruitment & Retention Examine the effectiveness of the Board’s recruitment and retention activities. Stakeholder(s): Economists Analysts Financial Experts Federal Reserve Board Other Information: Recruitment and retention. Recruitment and retention of highly qualified economists, analysts, and other experts is critical to achieving the Board’s mission relative to monetary policy and financial stability. The OIG plans to examine the effectiveness of the Board’s recruitment and retention activities. Objective 1.2.5: Financial Stability Evaluate the effectiveness and internal operations of the FSOC. Stakeholder(s): FSOC Other Information: Financial stability oversight. The Dodd-Frank Act created the FSOC to, among other things, identify and respond to threats to the U.S. financial system. The FSOC is composed of 10 voting members (including the Chairman of the Board) and 5 non-voting members. Its responsibilities include designating nonbank financial companies that may pose a systemic risk. The FSOC may make recommendations to primary financial regulatory agencies to apply new or heightened standards and safeguards for financial activities or practices that could create or increase risks of significant liquidity, credit, or other problems spreading among bank holding companies, nonbank financial companies, and U.S. financial markets. The Board is required to establish, independently or based on an FSOC recommendation, heightened prudential standards for two types of institutions: (1) nonbank financial companies designated by the FSOC as systemically important and (2) bank holding companies with total consolidated assets of $50 billion or more. As discussed previously, the Dodd-Frank Act also established the CIGFO and named the Board’s IG as a member. The CIGFO is authorized to establish working groups to evaluate the effectiveness and internal operations of the FSOC. Each IG within the CIGFO may detail staff and resources to such a working group, and the working group must submit regular reports to the FSOC and Congress regarding its oversight work. Objective 1.3: Supervision & Regulation Assess the Board’s responsibilities related to supervision and regulation. Objective 1.3.1: State Banks Conduct reviews of state member bank failures as required. Stakeholder(s): State Banks Other Information: State member bank failures. Section 38(k) of the FDI Act requires the OIG to review failed financial institutions supervised by the Board that result in a material loss to the DIF. The material loss review provisions of section 38(k) require that the IG review the Board’s supervision of the institution, including the agency’s implementation of prompt corrective action; ascertain why the institution’s problems resulted in a material loss to the DIF; and make recommendations for preventing any such loss in the future. The Dodd-Frank Act amended section 38(k) of the FDI Act to raise the materiality threshold from either exceeding $25 million or 2 percent of the institution’s total assets, whichever was higher, to $200 million for losses that occur during the period January 1, 2010, through December 31, 2011. However, it reduces the threshold in subsequent years. As of January 1, 2014, the threshold will remain at $50 million. In addition, the Dodd-Frank Act amended section 38(k) to require that the OIG prepare a written report in a manner consistent with the requirements of a material loss review for any nonmaterial losses to the DIF that exhibit unusual circumstances warranting an in-depth review. We will continue to conduct reviews of state member bank failures as required. Objective 1.3.2: Nonbank Financial Companies Enhance our staff’s technical expertise to ensure that we can meet new reporting requirements related to nonbank financial companies. Stakeholder(s): Nonbank Financial Companies Other Information: Supervision of failed nonbank financial companies designated as systemically important. Section 211(f) of the Dodd-Frank Act requires that the OIG review the Board’s supervision of any nonbank financial company designated as systemically important that is placed into receivership. The OIG is also required to produce a report that evaluates the effectiveness of the Board’s supervision, identifies any acts or omissions by the Board that contributed to or could have prevented the company’s receivership status, and recommends appropriate administrative or legislative action. We will continue to enhance our staff’s technical expertise to ensure that we can meet these new reporting requirements. Objective 1.3.3: Large Banks & Important Nonbank Financial Companies Monitor the actions taken by BS&R to implement its new framework and will assess the effectiveness of the initiatives relating to large bank holding companies and important nonbank financial companies. Stakeholder(s): FRB's Division of Banking Supervision and Regulation (BS&R) Large Bank Holding Companies Important Nonbank Financial Companies Other Information: New framework for supervision of large bank holding companies and systemically important nonbank financial companies. The Dodd-Frank Act requiresthat the Board establish a new framework for the supervision of large bank holding companies and systemically important nonbank financial companies. The Board’s Division of Banking Supervision and Regulation (BS&R) is leading the effort to create this new framework by conducting studies and developing and implementing rules, regulations, and guidelines. BS&R will also support the Board’s new Office of Financial Stability Policy and Research as part of the Board’s enhanced role in financial stability. We will continue to monitor the actions taken by BS&R to implement its new framework and will assess the effectiveness of these initiatives. Objective 1.3.4: Savings & Loan Holding Companies Continue to review the Board’s implementation of its plan to transfer of functions, authorities, and resources from the OTS. Stakeholder(s): Savings & Loan Holding Companies Federal Reserve Board Other Information: Transfer of supervisory responsibility for savings and loan holding companies to the Board, and wind down of the OTS. The Dodd-Frank Act abolishes the OTS and transfers its supervisory responsibilities to the Board, the FDIC, and the OCC. These agencies, along with the OTS, submitted a plan to Congress and the IGs for the Treasury, the FDIC, and the Board outlining the steps they are taking to implement the Dodd-Frank Act provisions related to the orderly transfer of functions, authorities, and resources from the OTS to the other regulators. Our office reviewed the plan, which addresses, among other things, the incorporation of the supervision of savings and loan holding companies into the Board’s bank holding company supervision program. We will continue to review the Board’s implementation of the plan until implementation is complete. Objective 1.3.5: Supervision & Financial Stability Conduct audits of the Board’s approach, activities, and infrastructure to support supervision and financial stability in response to the Dodd-Frank Act. Stakeholder(s): Federal Reserve Board Other Information: Responsibilities for supervision and financial stability under the Dodd-Frank Act. Our office will conduct audits of the Board’s approach, activities, and infrastructure to support supervision and financial stability in response to the Dodd-Frank Act. We have gathered initial information related to BS&R’s activities for (1) supervising bank holding companies and systemically important nonbank financial institutions, and (2) monitoring and responding to emerging systemic risks in the U.S. financial system in support of the Board’s role as a member of the FSOC. We will perform auditsto review specific Board activities. Objective 1.4: Oversight Review the Board’s oversight of the Federal Reserve Banks’ operations. Stakeholder(s): FRB's Division of Reserve Bank Operations and Payment Systems (RBOPS) Other Information: The Federal Reserve Act of 1913 and the Monetary Control Act of 1980 provide the legal framework for the Federal Reserve’s role in the nation’s payment systems, which is to foster the integrity, efficiency, and accessibility of U.S. dollar payment and settlement systems. This mission is fulfilled in part by providing financial services to depository institutions and serving as the fiscal agent and depository for the U.S. government. The Federal Reserve Banks and the private sector operate payment, clearing, and settlement activities. Federal Reserve Banks perform fiscal agency responsibilities on behalf of the Treasury and maintain the Treasury’s bank account, accept deposits of federal taxes and fees, pay checks drawn on the Treasury’s account, and handle electronic payments. The Federal Reserve also provides cash services to depository institutions to foster efficient distribution that meets both domestic and international demands. The Board’s Division of Reserve Bank Operations and Payment Systems (RBOPS) oversees the Federal Reserve Banks’ provision of financial services to depository institutions and fiscal agency services to the Treasury and other government agencies, as well as the Banks’ internal support functions. RBOPS also develops policies and regulations to promote the efficiency and integrity of the U.S. payment systems, works with other central banks and international organizations to improve the payment systems more broadly, and conducts research on payment issues. Below are several areas that the OIG may review during the period covered by this strategic plan. Objective 1.4.1: Payment, Clearing & Settlement Services Monitor and evaluate the Board’s actions taken with respect to payment, clearing, and settlement services. Stakeholder(s): Federal Reserve Board Payment Services Clearing Services Settlement Services Other Information: Board’s oversight of payment, clearing, and settlement services. To support the Federal Reserve’s mission of fostering the integrity, efficiency, and accessibility of U.S. dollar payment and settlement systems, the Board performs ongoing analysis of the operations, rules, and risk-management practices of payment, clearing, and settlement services crucial to the operation of financial markets. Both the Reserve Banks and the private sector operate key systems, such as check clearing, automated clearing house (ACH) services, wire (fund) transfers, and securities transfers. In addition, the Monetary Control Act of 1980 requires the Board to approve the fees for the priced services provided by the Reserve Banks in order to recover costs associated with providing these services. We plan to review the Board’s oversight of the Federal Reserve System’s payment, clearing, and settlement services, to include the pricing of these services. If private sector entities that provide payment, clearing, or settlement services are designated as systemically important, we will monitor and evaluate the Board’s actions taken with respect to these entities. Objective 1.4.2: FOIA Exemptions Complete a study of certain FOIA exemptions applicable to emergency lending, discount window loans, and open market transactions. Other Information: FOIA exemption review. The Dodd-Frank Act also required that, within 30 months of enactment, the OIG must complete a study of certain FOIA exemptions applicable to emergency lending, discount window loans, and open market transactions. We will conduct this study as required. Objective 1.4.3: Reserve Bank Review Process Examine RBOPS’s Reserve Bank review process and identify areas for further assessment. Stakeholder(s): RBOPS Other Information: RBOPS’s Reserve Bank review activities. We plan to examine RBOPS’s Reserve Bank review process and identify areas for further assessment, particularly in light of changes made to the Board’s supervision of financial market utilities (FMUs) and payment, clearing, and settlement systems pursuant to Title VIII of the Dodd-Frank Act. We also plan to review the Board’s oversight of the annual independent audits of (1) the individual Reserve Bank financial statements and (2) the combined Federal Reserve Bank financial statements, which are conducted by an IPA firm under contract with RBOPS. Objective 1.4.4: Law Enforcement Operations Assess RBOPS’ effectiveness in overseeing the Reserve Bank LEU and fulfilling its EOF responsibilities. Stakeholder(s): RBOPS Reserve Bank LEU Other Information: Board oversight of Federal Reserve Bank law enforcement operations. Given the inherent high risk in federal law enforcement activities, strong oversight is an essential component of the internal control and risk mitigation framework. While the OIG serves as the EOF for the Board’s law enforcement programs, the Uniform Regulations for Federal Reserve Law Enforcement Officers designates RBOPS as the EOF for the Federal Reserve Bank law enforcement programs. We plan to assess RBOPS’ effectiveness in overseeing the Reserve Bank LEU and fulfilling its EOF responsibilities. Objective 1.5: Consumer & Community Affairs Evaluate the Board’s consumer and community affairs programs. Other Information: Although the enactment of the Dodd-Frank Act led to the transfer of certain rulemaking responsibilities of the Board’s Division of Consumer and Community Affairs (DCCA) to the Bureau, which we address under Goal 2, DCCA retains a key role in maintaining consumer financial protection through compliance examinations and enforcement responsibilities for Board-regulated banks with total assets of $10 billion or less. In addition, the Board retains rulemaking authority under o the Community Reinvestment Act, o the National Flood Insurance Act, o the interchange fees provision of the Electronic Funds Transfer Act, and o several provisions of the Fair Credit Reporting Act. Also, consumer protection rulemaking for auto dealersremains with the current agencies, including the Board. We will initiate scoping activities to assess the risks associated with the various responsibilities and functional changes in DCCA as a result of the Dodd-Frank Act. In addition, we plan to review DCCA’s compliance examination and enforcement activities for Board-regulated banks with total assets of $10 billion or less, as well as other actions planned to meet the requirements of the Dodd-Frank Act. Objective 1.6: Investigations Conduct investigations of possible fraud, waste, abuse, and misconduct associated with Board programs and operations. Other Information: Under the authority of the IG Act, the OIG conducts criminal, civil, and administrative investigations of alleged fraud, waste, abuse, and misconduct related to the programs and operations of the Board. In addition, the OIG uses its knowledge of banking, finance, and the Federal Reserve System to support the criminal and civil investigations of the Department of Justice. Over the next five years, the OIG envisions that its joint work with the Department of Justice will continue to evolve, with a focus on detecting and preventing Bank Secrecy Act violations, money laundering, terrorist financing, fraud, and other financial crimes. The OIG also expects that its criminal investigative activities will include leading or participating in multi-agency task forces relating to bank fraud, terrorist financing, and money laundering. Goal 2: Bureau of Consumer Financial Protection’s Programs & Operations Enhance Economy, Efficiency, and Effectiveness; Limit Risk; Detect and Prevent Fraud and Abuse; and Ensure Compliance in the Bureau of Consumer Financial Protection’s Programs and Operations Stakeholder(s): Bureau of Consumer Financial Protection Objective(s): 2.1: Governance, Functions & Operations 2.1.1: Planning, Governance & Controls 2.1.6: Information Systems & Security 2.1.7: Physical Infrastructure 2.3: Supervision & Enforcement 2.5: Financial Products & Services 2.7: Fraud, Waste, Abuse & Misconduct Other Information: The OIG is establishing the foundation for its oversight of the Bureau’s developing functions and responsibilities and will build upon that structure to ensure comprehensive coverage of the Bureau’s activities. The Bureau is considered an “executive agency,” as defined in 5 U.S.C. §105, so certain laws, regulations, and guidance may apply to the Bureau that do not apply to the Board. We recognize that the Bureau’s evolving mission and operations will influence our approach to this goal; therefore, we will build flexibility into our plans to adapt to the Bureau’s changing priorities and operational direction. The OIG will use a risk-based oversight approach that considers the Bureau’s strategic objectives, financial impacts, and potential operational and compliance risks to the Bureau’s functions. We will focus our Goal 2 oversight efforts on the strategic objectives described below. Objective 2.1: Governance, Functions & Operations Address current and emerging issues related to the governance, transfer of functions, and internal operations of the Bureau. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: On an interim basis, the Treasury is authorized to perform certain functions to establish the Bureau. While the Treasury is performing this role, both the Board OIG and the Treasury OIG have a role in overseeing the Bureau and are coordinating and cooperating on audits, evaluations, and other reviews of the Bureau’s operations, as appropriate. During this interim period and the first critical months after the designated transfer date, we plan to closely monitor the Bureau’s status relative to Dodd-Frank Act requirements, emerging issues related to the Bureau’s governance and organizational structures, and the transfer of functions to the Bureau from other federal agencies. The following are OIG areas of interest over the strategic planning time horizon. Objective 2.1.1: Planning, Governance & Controls Assess the Bureau’s progress in planning, coordinating, and implementing its funding and expenditures; assumption of functions from other agencies; and organizational structure and staffing. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: The Bureau’s planning, governance, and controls. Strategic and tactical planning, strong governance, and effective internal controls will be necessary for the Bureau to successfully merge functions from seven different regulatory agencies. We plan to assess the Bureau’s progress in planning, coordinating, and implementing its funding and expenditures; assumption of functions from other agencies; and organizational structure and staffing. We also plan to consult with other recently merged federal agencies to identify best practices and lessons learned related to establishing a new agency, which will further our evaluation of the effectiveness of interagency coordination in establishing the Bureau. Objective 2.1.2: Budget Monitor and review the Bureau’s budgeted and actual use of funds and will assess the adequacy of associated internal controls. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: Budget formulation and execution. As mandated by the Dodd-Frank Act, the Bureau receives its funding, to a certain limit, from the Board. Until the designated transfer date, the Treasury is responsible for budgeting, tracking, and accounting for all monies disbursed by the Board to the Bureau. The OIG will monitor and review the Bureau’s budgeted and actual use of funds and will assess the adequacy of associated internal controls. Objective 2.1.3: Transfers of Functions Assess the Bureau’s compliance with the Dodd-Frank Act’s organizational and transfer of function requirements. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: Compliance with implementation requirements. The Dodd-Frank Act contains several requirements related to the transfer of functions to the Bureau and establishing the agency’s organizational components. For example, the Bureau must establish offices to assist specific consumer groups, including an Office of Service Member Affairs and an Office of Financial Protection for Older Americans. The OIG will assess the Bureau’s compliance with the Dodd-Frank Act’s organizational and transfer of function requirements. Monitor the Bureau’s emerging HR function and will conduct specific audits, evaluations, and inspections, as appropriate. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: Human resources, benefits, and retirement systems. Since the Bureau projects that it will grow to more than 1,200 employees by the end of fiscal year 2012, a comprehensive HR system will be a critical success factor for the new agency. Moreover, the complexity of the benefits and retirement programs necessary to accommodate the transfer of employees from various agencies and meet certain requirements of the Dodd Frank Act will pose a challenge for the Bureau’s developing HR function. The OIG will monitor the Bureau’s emerging HR function and will conduct specific audits, evaluations, and inspections, as appropriate. Objective 2.1.5: Training Monitor the Bureau’s training activities to ensure that the agency provides appropriate and timely training for both new and transferred employees. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: Training programs. The development of consistent training programs, policies, and procedures and their subsequent implementation will require significant planning and resources. The OIG plans to monitor the Bureau’s training activities to ensure that the agency provides appropriate and timely training for both new and transferred employees. Objective 2.1.6: Information Systems & Security Employ our control assessment tool to review the Board’s information technology platforms. Stakeholder(s): Federal Reserve Board Other Information: Information systems and security. Under FISMA, the Bureau must develop and implement an agency-wide program to provide information security throughout the life cycle of all agency automated systems. FISMA also requires that each OIG perform an annual independent evaluation of its respective agency’s information security program and practices. Each agency head must submit the results of the OIG’s independent evaluation—along with the agency’s reports of the adequacy and effectiveness of information security policies, procedures, and practices—to the director of OMB on an annual basis. To meet the FISMA control testing requirement for the Bureau, the OIG will employ the control assessment tool it uses to review the Board’s information technology platforms. Moreover, the OIG will assess some of the security controls that affect Bureau-wide operations and identify and perform programmatic audits, inspections, and evaluations on information security topics in accordance with our statutory requirement. Because the Bureau will collect a significant amount of consumer data in newly designed and implemented IT systems, appropriate security controls for the handling and transmission of consumer data must be implemented. As part of our FISMA-mandated work, we will focus on the major information systems that collect, employ, and maintain sensitive consumer information. Objective 2.1.7: Physical Infrastructure Conduct reviews to ensure that procurement activities comply with applicable regulations and that adequate controls exist to detect and reduce the likelihood of inefficient use of funds as well as the potential for fraudulent activities. Stakeholder(s): Bureau of Consumer Financial Protection Other Information: Physical infrastructure decisions. The Bureau will be making significant investments and entering into potentially complex contracts for office space and equipment as it establishes its Washington, DC, office and any regional offices. We will conduct reviews to ensure that procurement activities comply with applicable regulations and that adequate controls exist to detect and reduce the likelihood of inefficient use of funds as well as the potential for fraudulent activities. Objective 2.2: Rules, Orders & Guidance Review the Bureau’s processes for formulating and issuing rules, orders, and guidance implementing federal consumer financial law. Other Information: Consistent with the Dodd-Frank Act, the Bureau will have the authority to prescribe rules, issue orders, and produce guidance related to certain federal consumer financial laws that were within the authority of the Board, the OCC, the OTS, the FDIC, the NCUA, the Federal Trade Commission (FTC), and the HUD. For example, the Bureau takes on all consumer protection functions of the Secretary of the HUD relating to the Real Estate Settlement Procedures Act of 1974 (12 U.S.C. 2601 et seq.). In addition, the Bureau has new rulemaking authorities related to unfair, deceptive, and abusive acts or practices that are not related to transferred functions. The OIG will review the Bureau’s rulemaking processes to ensure compliance with the Dodd-Frank Act as well as other applicable rulemaking standards. Further, consistent with the IG Act, we will review existing and proposed Bureau-related legislation and regulations to assess their impact on the economy and efficiency of the Bureau’s programs and operations or the prevention and detection of fraud and abuse in Bureau programs and operations. Objective 2.3: Supervision & Enforcement Assess the Bureau’s implementation of its supervision and enforcement activities. Other Information: The Dodd-Frank Act authorizes the Bureau to conduct consumer compliance examinations of banks, savings associations, and credit unions with total assets in excess of $10 billion. In addition, the Bureau is authorized to supervise specific nondepository institutions engaged in consumer finance activities. The Bureau also is charged with prohibiting unfair, deceptive, or abusive acts or practices in connection with consumer financial products and services. The OIG will monitor the Bureau’s supervision and enforcement activities related to these institutions and, as appropriate, may assess the adequacy of the Bureau’s associated examination policies and procedures. Objective 2.4: Financial Education Identify and review key aspects of the Bureau’s role in establishing and implementing financial education programs for consumers of financial services and products. Other Information: The Bureau is responsible for developing and implementing initiatives intended to educate and empower consumers to make better financial decisions. In consultation with the Financial Literacy and Education Commission, the Bureau must develop and implement a strategy to improve financial literacy. The OIG will monitor the Bureau’s development and implementation of education programs for consumers of financial services and products to ensure that Bureau resources are used effectively and efficiently. We plan to coordinate our work with the Government Accountability Office (GAO), which is responsible for studying certain aspects of the Bureau’s financial literacy and personal finance education programs. Objective 2.5: Financial Products & Services Evaluate the Bureau’s functions related to collecting data, researching trends, and tracking and publishing market information on consumer financial products and services. Other Information: The Bureau is responsible for researching, analyzing, and reporting on (1) developments in markets for consumer financial products and services; (2) access to fair and affordable credit for traditionally underserved communities; (3) consumer awareness, understanding, and use of disclosures and communications regarding consumer financial products or services; (4) consumer awareness and understanding of costs, risks, and benefits of consumer financial products or services; (5) consumer behavior with respect to consumer financial products or services; and (6) experiences of traditionally underserved consumers. To meet these responsibilities, the Bureau will collect and have access to a significant amount of data. Records in its data collection system may contain sensitive and personally identifiable information, including names, social security numbers, account numbers, and dates of birth. The OIG will review the Bureau’s internal controls related to protecting such information and, as appropriate, suggest improvements to strengthen the privacy of its data processes. In addition, we will monitor the work of the Bureau’s research unit to determine specific areas for OIG review. We anticipate assessing the breadth of data collected by the various Bureau studies to ensure the research unit fulfills the requirements of the DoddFrank Act Objective 2.6: Consumer Complaints Conduct work on the Bureau’s approach to collecting, researching, and responding to consumer complaints. Stakeholder(s): Consumers Other Information: The Dodd-Frank Act requires that the Bureau establish a consumer complaints response function that includes a single, toll-free telephone number; a website; and a database to facilitate centrally collecting, monitoring, and responding to consumer complaints regarding consumer financial products and services. In addition, the consumer complaint response unit must coordinate and share information with the FTC and other federal and state agencies to appropriately respond to consumer complaints. The Director of the Bureau must annually report to Congress on the consumer financial products and services complaints that the agency received in the prior year. As the Bureau develops its consumer complaints response function, the procedures and practices established to handle complaints will be critical to ensuring that the appropriate agency addresses complaints efficiently and adequately. We will conduct reviews to ensure that the Bureau establishes processes and controls to properly collect, research, monitor, respond to, and track consumer complaints. The OIG will review the operations of the Bureau’s response function, which includes the toll-free telephone number, the website, and the complaint database. In addition, the OIG will assess the information sharing process among the Bureau, the FTC, and other federal and state agencies to determine whether complaints are properly routed and disseminated. Our work in this area will ensure the complaint function meets the requirements of the Dodd-Frank Act, including the annual report to Congress. Objective 2.7: Fraud, Waste, Abuse & Misconduct Conduct investigations of possible fraud, waste, abuse, and misconduct associated with Bureau programs and operations. Other Information: The OIG will perform criminal, civil, and administrative investigations of alleged fraud, waste, abuse, and misconduct that relate to programs and operations of the Bureau. Goal 3: OIG’s Operations & Communications Enhance the Efficiency and Effectiveness of the OIG’s Operations and Communications Objective(s): 3.1.2: Career Development & Succession Planning 3.1.4: Performance Environment 3.3.2: Information, Cooperation & Coordination 3.5: Technology Infrastructure 3.5.2: Project Management Software Other Information: Consistent with our mission to evaluate the programs and operations of the Board and the Bureau, we continually search for ways to enhance our capabilities, strengthen our service delivery and internal processes, and improve our communication methods. We continue to make great strides in our staff development and evaluation processes to meet the ongoing challenge of maintaining an effective workforce. We also continue to enhance our technology infrastructure and major business processes. We recognize that we will most effectively achieve our mission by building effective working relationships and maintaining open communications not only with Board and Bureau management, but also with Congress, the Reserve Banks, the broader OIG community, and other key stakeholders. We also will review and evaluate our internal policies, procedures, and practices to ensure that our operations and communications are efficient and effective. Objective 3.1: Human Resources Enhance human resources management. Other Information: Our people are our most valuable resource. Each individual brings unique knowledge, skills, and abilities to help achieve our mission and goals. Human resource considerations are an integral part of our vision, values, goals, objectives, and strategies. During this planning period, strengthening our human resource management processes will remain one of our highest priorities. Specifically, we plan to continue focusing on the following: Objective 3.1.1: KSAs Build staff knowledge, skills, and abilities. Other Information: Implementation of the Dodd-Frank Act poses new challenges for us because it requires us to broaden our knowledge ofthe Bureau’s activities and the Board’s new functions and responsibilities. Our staff members must collectively possess an understanding ofthe broad range of Board and Bureau programs and operations, as well as the skills and abilities required to fulfill our oversight responsibilities. We will continue to recruit highly skilled staff, with a particular emphasis on individuals with the knowledge, skills, and abilities required to perform our new responsibilities. In addition, the OIG will continue to build a robust training program that includesformal and on-the-job training that is tailored to help OIG employees effectively perform their work. We plan to review our technical and management core competencies to ensure that OIG employees have a benchmark forthe knowledge, skills, and abilities necessary for individualsuccess within the OIG, consistent with our mission, vision, values, and goals. Furthermore, we are establishing mission area teams that will develop subject matter expertise in key Board and Bureau mission areas, so they may serve as a resource when we conduct reviews in their respective areas. We also will enhance our internal reference materials through the technology available in our audit and investigative software. Objective 3.1.2: Career Development & Succession Planning Strengthen our career development and succession planning processes. Other Information: Since the previous strategic planning period, we have developed an organizational structure to support our growth and ensure appropriate oversight consistent with the Dodd-Frank Act. Our continued growth coupled with senior staff approaching retirement eligibility necessitates continued emphasis on these efforts. We will continue to build our cadre of mid-level managers and provide training and experiences that will prepare them to assume higher-level positions. A key facet of our career development and succession planning program is our annual individual development plan process, which tailorstraining and other developmental assignments to each individual employee. In addition, we are assessing our job descriptions and career ladders to ensure that they are up-to-date and consistent with other Board organizations. We will also apply “knowledge management” concepts to facilitate the sharing and transfer of knowledge from the senior members of the organization to future managers and officers, and we are working to establish an OIG mentoring program. Further, we will continuously review our organizational structure to ensure it meets our evolving needs. Objective 3.1.3: Employee Orientation Enhance orientation of new employees. Other Information: Our continued growth has highlighted the need to develop a more comprehensive orientation process for new employees. A working group comprised of a cross-section of staff is developing a formal program that will help ensure that new employees better understand the operations of the OIG, the Board, and the Bureau; have a structured training plan; and are provided with ready access to key documents, such as OIG policies and procedures. Objective 3.1.4: Performance Environment Foster a performance environment that engenders high achievement, continuous professional growth, and effective communication. Other Information: We plan to assess our performance measurement program and make any appropriate revisions to enhance employee feedback, reward desired behaviors and outcomes, and identify training opportunities. We will assess our performance standards to ensure that they are capturing critical core competencies and behavioral factors. Objective 3.2: Internal Communications Continue to enhance internal communications. Other Information: Effective internal communications is a central focus in successfully achieving the OIG mission. As our office grows, timely and effective internal communications become more of a challenge. As a result, we have initiated an enhancement of our intranet website for OIG staff that will (1) contain information and resources to help new employees in their transition to the organization; (2) allow the immediate dissemination of important information to all staff; and (3) permit continuous updates of resources and other information. Objective 3.3: External Communications Further expand external communications. Stakeholder(s): Federal Reserve Board Bureau of Consumer Financial Protection Federal Reserve System Congress The Public Other Information: Effective communication with our stakeholders, including the Board, the Bureau, the Federal Reserve System, Congress, and the public, is critical to achieving the OIG mission. In addition, the OIG has a duty and responsibility to keep Congress fully and currently informed by means of semiannual and other reports concerning fraud and other serious problems, abuses, and deficiencies relating to the programs and operations ofthe Board and the Bureau. At the same time, we are charged with recommending corrective actions and reporting on the progress made in implementing these corrective actions. We are also members of the broader IG and other professional communities. In this role, we will continue to work with other IGs to promote professionalism and coordination among the Council of the Inspectors General on Integrity and Efficiency (CIGIE) membership on shared concerns. In addition, our continued coordination with other IGs in the financial regulatory agencies promotes consistency in our work and potentially provides a broader assessment of common issues that warrant attention. We plan to emphasize the following areas under this objective: Objective 3.3.1: Coordination Coordinate with key Board staff, Bureau staff, and other stakeholders to help ensure that we are addressing the areas of highest risk. Other Information: Through our strategic and annual planning processes, we strive to direct our resources to provide the highest level of value-added services to the Board, the Bureau, Congress, and other key stakeholders. We also build flexibility into our planning so we may be responsive to unexpected work. We will continue to look for opportunities to strengthen our interactions with the members of the Board, division directors, and other key Board and Bureau officials so that we understand planned and ongoing initiatives and allocate our audit, inspection, and investigative resources accordingly. Objective 3.3.2: Information, Cooperation & Coordination Better inform the Board, the Bureau, and the Federal Reserve Banks about our mission and the duty to cooperate and coordinate with our office. Other Information: Having information about the OIG readily available to employees of the Board, the Bureau, and the Federal Reserve Banks helps to promote a clear understanding of the OIG’s roles and responsibilities; facilitate effective communication, cooperation, and coordination; and foster constructive working relationships. In addition, highlighting the OIG Hotline number and other contact information provides employees with appropriate access to the OIG for reporting any suspected fraud, waste, abuse, or misconduct. We plan to enhance and develop various communication materials, such as a pamphlet and protocol documents, to inform others about the OIG. We will also coordinate with Board, Bureau, and Federal Reserve Bank officials to integrate information about the OIG into ongoing programs, such as the orientation and ethics programs. Objective 3.3.3: Working Relationships Continue to build effective working relationships with members of the OIG community and related groups. Other Information: While our primary mission is to enhance Board and Bureau programs and operations, we actively participate in the broader IG and other professional communities. Coordination with other IGs, particularly in the financial regulatory agencies, can promote consistency in our approaches and priorities, help address areas of common vulnerability, and provide a broader perspective of issues that warrant attention. We will continue to participate actively as a member of the CIGIE, the Council of Counselsto the IG, and related community-wide groups in the audit, inspection, evaluation, and investigative program areas. Consistent with the Dodd-Frank Act, we will also actively serve on the newly established CIGFO comprised of nine financial regulatory IGs to oversee the efficiency and effectiveness of the FSOC and to focus on issues of concern that may apply to the broader financial sector. While looking to the community for best practices and creative ways to meet workload demands, we will also be open to sharing our tools, techniques, and results to maintain a two-way communications approach that promotes goodwill and strengthens oversight activities throughout the federal government. Objective 3.3.4: Hotline Enhance communications associated with our Hotline. Other Information: To improve the effectiveness of our Hotline operations, the OIG increased itsstaffing and is establishing systemic processes and timeframes for handling complaints and appropriately communicating with involved parties. Objective 3.3.5: Product Assessment Continually assess our product line to enhance and streamline our presentation of information. Other Information: We will assess our product line and, to the extent possible, design formats to help distinguish OIG products and assist users in quickly determining a report’s main message and locating relevant information. Providing timely, accurate, and useful information regarding the results of our audit, attestation, inspection, evaluation, and investigative projects is critical to meeting the mandates of the IG Act. Because our reports must convey a wide range of information, meet the needs of different audiences, and comply with different sets of standards, we recognize that “one-size-fits-all” reporting is not feasible, and we will continue to look for the most optimal reporting mechanisms to meet our varied requirements. We will also develop criteria and guidelines to help streamline and enhance the report writing and production processes. Objective 3.4: Business Processes Continue to improve our business processes. Other Information: The responsibilities of the agencies that the OIG concurrently oversees are subject to change. The standards under which we perform our work are updated to reflect new requirements and environments, and our internal policies, procedures, and practices must also be refined and updated to remain in compliance. In addition, new methodologies, tools, and techniques continue to become available at a rapid pace, with features that have the potential to further enhance our business processes. To ensure that our operations continue to be state-of-the-art, we must be willing to question the status quo and adopt alternative methods to accomplish our work more efficiently without sacrificing quality or failing to meet applicable standards. Over the strategic planning time horizon, we will Objective 3.4.1: Quality & Efficiency Continue to ensure the quality and efficiency of OIG audits, attestations, inspections, evaluations, and investigations. Other Information: We continually review our internal business processes to ensure that quality is incorporated throughout a project’s life cycle and that management receives meaningful project status information. Proposed changes to GAO’s Government Auditing Standards may necessitate revising our audit policies for financial audits, performance audits, and attestations. We will continue to strengthen the scoping and planning phase of our audit assignments to incorporate compliance with standards in each assignment as early as possible. For each audit, inspection, and evaluation, we will set clear objectives, develop an appropriate methodology to address these objectives, and set realistic project timeframes. We recently implemented a revised quality assurance monitoring program designed to further enhance the quality of our audits and attestations. We anticipate expanding this program to encompass our inspections and evaluations. Based upon the results of the program to date, we have identified internal policies and procedures that can be enhanced, and we have established a team to accomplish this task. Furthermore, within the next three years, both our audit and investigative programs are due to undergo external peer reviews, and we will be conducting peer reviews of other OIGs. There are lessons to be learned from both undergoing and conducting a peer review. These reviews provide valuable insight into how other OIGs perform their duties and identify ways we may improve the efficiency and effectiveness of our programs. Objective 3.4.2: Data Mining Increase our use of data mining to support individual audits, inspections, evaluations, and investigations, as well as a continuous data flow. Other Information: We have successfully employed data mining technology on multiple projects over the last several years. We plan to build upon this success to expand our capabilitiesthrough increased staff training. Objective 3.4.3: Process Enhancement Continue to enhance processes to track actions on open recommendations. Other Information: An efficient and effective review resolution and follow-up process is a key component of an agency’s internal control framework that helps agency management identify and manage relevant risks. We have been implementing an automated tracking system in Board divisions that allows the Board and the OIG to better track the status of actions being taken to address recommendations until closure. The database captures recommendations and associated management decisions, establishes accountability and action plans, monitors progress, and tracks results. As the Bureau becomes operational, we will also implement the system in its divisions. Objective 3.4.4: Tools & Techniques Employ additional tools and techniques. Other Information: We will continue to look for tools and techniques that may enhance the efficiency and effectiveness of our operations. In addition to the data mining technology discussed above, we will explore tools to increase our statistical and quantitative data analysis capabilities. We will also evaluate additional tools that will allow our IT auditors to perform scanning, vulnerability analysis, and other testing. Further, we will look to upgrade and expand our computer forensics capabilities within our Investigations section. Objective 3.5: Technology Infrastructure Further strengthen our technology infrastructure. Other Information: IT plays an expanding role in the OIG’s internal operations. Over the years, we have used IT to automate and streamline our operations. Going forward, we will continue to seek ways to enhance our performance through the use of IT. Our emphasis will be on information sharing to increase productivity, improve communication, and reduce overall cost of operations. We plan to focus on the following areas: Objective 3.5.1: Business Needs Continue to enhance our IT infrastructure to effectively support our business needs, in compliance with applicable security standards and guidance. Other Information: We continue to enhance, maintain, and optimize our IT services and resources to effectively achieve our mission. Technology continues to offer more efficient and effective approaches to streamlining our processes. We continue to maintain our information technology infrastructure to meet the requirements established by the Board and to comply with OMB’s FISMA guidance. Objective 3.5.2: Project Management Software Ensure that our project management software continues to effectively meet our business needs. Other Information: We will continue to assess the capabilities of our project management software against alternative technologies to ensure that our business needs are effectively addressed. While we prefer to employ commercially available software, we recognize that at least some degree of customization may best meet our needs. We will ensure that oursoftware complies with government standards and serves to enhance our functionality. Objective 3.5.3: New Technologies Employ new technologies to enhance productivity, leverage scarce resources, and improve employee morale. Other Information: We recognize the vast potential that information technologies offer for enhancing our operations and productivity. Our office has successfully incorporated telecommuting as an option forimproving productivity and employee work-life balance through technology, while helping to conserve resources and reduce traffic congestion. As mentioned previously, we are enhancing our intranet website to more effectively disseminate information to our growing staff. We also plan to employ electronic communication media, such as webcasts, web conferencing, virtual meetings, and internet videos. In addition, we are participating in a CIGIE working group that is examining the potential role of social media in the OIG environment. |