HUD/FHA
Name of Agency: Department of Housing & Urban Development (HUD) Federal Housing Administration (FHA)
Contract Number:
R-FTW-00415
 Subcontractor to: N/A Contract Name: OMB Circular NO. A-123, Appendix A Implementation Internal Control Over Financial Reporting Assessment that includes OMB A-130 Security Assessment and Review
Contract Type: FFP
Period of Performance: October 2005 – Present Contract Amount 2.9
Brief Contract Description:
OMB Circular No. A-123 Appendix A Internal Controls over Financial Reporting and the Federal Managers Financial Integrity Act (FMFIA) stipulates that management has a fundamental responsibility to develop and maintain effective internal control. This assessment describes FHA internal controls based on executive, legislative, departmental, and technical guidelines. The Department of Housing and Urban Development Guidelines and the Federal Housing Administration Guidance establishes the policy, as well as organizational and management responsibility to implement the Federal Managers Financial Integrity Act of 1982 “Computer Security Act of 1987” and Office of Management and Budget (OMB) Circular A-123, Internal Controls Over Financial Reporting “Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources” “Presidential Decision Directive 63 (PDD 63)” . The assessment methodology “Methodology” is adapted from OMB Circular No. A-123 Implementation Guide lines, June 2005, Federal Information Security Management Act (FISMA), and National Institute of Standard Technology (NIST) standards “NIST Risk Management Guide for Information Technology Systems, SP 800-30”. The combined guidelines serve as a baseline to ensure management has established and maintained internal controls activities that comply with the standards for Control Environment; Risk Assessment; Control Activities; Information and Communications; and Monitoring.

JAVIS makes recommendation to FHA Chief Financial Officer and Staff for the annual statement of assurance as to the overall adequacy and effectiveness of agency internal control, for fiscal year (FY 2006 -2008). JAVIS reviews FHA’s annual financial statements, Performance and Accountability Report (PAR), annual independent audit, OMB Circular A-127 Financial Reviews and OMB A-130 Security Reviews, and corrective action plans.

OMB A-130 Security Documentation Assessments: JAVIS evaluated twenty (20) primary systems compliance with NIST security standards (Certification and Accreditation, Risk Assessment, Contingency Plan, Test Plan and Plan of Action and Milestones). JAVIS developed Systems Security Management Plan, Contingency Plan, Business Impact Analysis and Test Plan.

History: All Work performed on schedule and in accordance with the SOW and COTR requirements.