FHFA Did Not Complete All Planned Supervisory Activities Related to Cybersecurity Risks at Freddie Mac for the 2016 Examination Cycle (Redacted) [open pdf - 1MB]
From the Executive Summary: "The Federal Housing Finance Agency (FHFA) is charged with ensuring that the Federal National Mortgage Association (Fannie Mae) and the Federal Home Loan Mortgage Corporation (Freddie Mac) (together, the Enterprises) operate in a safe and sound manner. Within FHFA, the Division of Enterprise gulation (DER) is responsible for the supervision of the Enterprises. [...] We performed this audit to address two objectives. First, we sought to determine whether the supervisory activities planned by DER relating to Freddie Mac's cybersecurity risks for the 2016 examination cycle addressed the cybersecurity risks highlighted in its risk assessment and supervisory strategy. [...] Second, we sought to determine whether the planned supervisory activities for the 2016 examination cycle were completed during that cycle in light of FHFA's representations in its 2015 PAR [Performance and Accountability Report] that 'a key objective of FHFA's supervisory work' during 2016 would be oversight of how Freddie Mac managed its cyber risk and addressed vulnerabilities."
Federal Housing Finance Agency, Office of the Inspector General Audit Report No. AUD-2017-011
Federal Housing Finance Agency Office of Inspector General: https://www.fhfaoig.gov/