ENTERPRISE INCOME VERIFICATION (EIV) SECURITY AWARENESS TRAINING QUESTIONNAIRES



Similar documents
External (Non-HUD Coordinator/User) Instructions for Applying for EIV Access for Multifamily Housing Programs

Enterprise Income Verification (EIV 9.3)

Albuquerque Housing Authority. EIV Security and Procedure Policy

CONTRACT MANAGEMENT SERVICES

INFORMATION EXCHANGE AGREEMENT BETWEEN THE SOCIAL SECURITY ADMINISTRATION (SSA) AND THE [NAME OF STATE] (STATE)

Internet Banking Internal Control Questionnaire

Low-Income Telephone and Electric Discount Programs (LITE-UP) Enrollment Form

EPA and HUD Real Estate Notification and Disclosure Rule Questions and Answers The Rule

Questions and Answers on the Eligibility of Students for Assisted Housing Under the Multifamily Housing Project-based Section 8 Program

Privacy Impact Assessment

Training Requirements and Guidelines

LIFELINE AND LINK-UP ASSISTANCE APPLICATION

CHANGE REPORT FORM HEAD OF HOUSEHOLD S . Mark all that apply

CHAPTER 7. RECERTIFICATION, UNIT TRANSFERS, AND GROSS RENT CHANGES

114.5 CMR: DIVISION OF HEALTH CARE FINANCE AND POLICY

Independent Verification

First Notice of Claim for Unemployment Benefits

CERTIFICATION AND LICENSING (CLS) PROVIDER HANDBOOK APPLICATION PROCESS

956 CMR: COMMONWEALTH HEALTH INSURANCE CONNECTOR AUTHORITY

First Notice of Claim for Unemployment Benefits

Intel Enhanced Data Security Assessment Form

U.S. DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT WASHINGTON, DC

Trumbull Career and Technical Center 528 Educational Highway Warren, Ohio Toll Free

Work Opportunity Tax Credit (WOTC)

Dependent Verification

Eligible individuals need to meet the requirements of the Federal Communications Commission Lifeline Program outlined below.

Web Time and Attendance

APPLICATION CHECK LIST

Department of the Interior Privacy Impact Assessment

We will contact you via telephone to confirm receipt of your application.

The Initial Registration Process. During the initial registration process, this guide assumes the user has been provided a login ID.

Eligibility and Documentation

Federal Bureau of Prisons. Privacy Impact Assessment for the HR Automation System. Issued by: Sonya D. Thompson Deputy Assistant Director/CIO

Apply for a Free Mobile Phone & Free Service

Georgia Bulk Requestor Re-certification Package Must Include:

AUSTIN INDEPENDENT SCHOOL DISTRICT INTERNAL AUDIT DEPARTMENT TRANSPORTATION AUDIT PROGRAM

NATIONWIDE HIPAA NOTICE OF PRIVACY PRACTICES

First Notice of Claim for Unemployment Benefits

EMERGENCY FINANCIAL ASSISTANCE APPLICATION PACKET

Resident Management Corporations; Resident Councils Cross References: PIH Notice

Federal Trade Commission Privacy Impact Assessment. for the: Analytics Consulting LLC Claims Management System and Online Claim Submission Website

Medication Administration Training Program Overview. Online Registration and Payment. Course Outline. Pennsylvania Department of Public Welfare

AUSTIN INDEPENDENT SCHOOL DISTRICT INTERNAL AUDIT DEPARTMENT PAYROLL AUDIT PROGRAM

U.S. Securities and Exchange Commission. Mailroom Package Tracking System (MPTS) PRIVACY IMPACT ASSESSMENT (PIA)

SECTION V COMPLIANCE MONITORING PROCEDURES

MOR FREQUENTLY ASKED QUESTIONS

APPLICATION FOR ADMISSION TO RIVERWALK PLACE. If you need assistance with filling out this application, please contact the office of RiverWalk Place.

University of La Verne I-9 Compliance Training. February 2012

ECONOMIC HARDSHIP DEFERMENT REQUEST Federal Family Education Loan Program

*125* Last First MI Maiden. Street Address or P.O. Box City State Zip Code. Home Work Message. Disabled or Handicapped. Full Time

Electronic Communication In Your Practice. How To Use & Mobile Devices While Maintaining Compliance & Security

GREAT AMERICAN TITLE OF HOUSTON, LLC D/B/A GREAT AMERICAN TITLE COMPANY EXAMINATION REPORT NOVEMBER 24, 2015

Supportive Housing Program (SHP) Self-Monitoring Tools

Employee Leasing Company (PEO) Registration Application

FTA Computer Security Workshop. Security Awareness Training

5:31-7 Appendix B LOCAL AUTHORITIES - ACCOUNTING AND AUDITING IF ANY ARE NOT APPLICABLE, INSERT N/A AS YOUR ANSWER. FIRE DISTRICT YEAR UNDER AUDIT

Rialto Housing Authority Mortgage Assistance Program Application

(Including DCED PROPERTIES) YEAR ENDING DECEMBER 31, Number of occupied units 80% and below.

DEPARTMENT OF HEALTH DETERMINING MEDICAID ELIGIBILITY. Report 2005-S-42 OFFICE OF THE NEW YORK STATE COMPTROLLER DIVISION OF STATE SERVICES

Neighborhood Roofing Replacement Program

Application for Employment

Frequently Asked Questions. PIH Notice : Public Housing and Housing Choice Voucher Programs Temporary Compliance Assistance

E-QIP/CLICK TO SIGN!!

CHARITY CARE APPLICATION REQUIRED DOCUMENTATION CHECK LIST

Enrollment Forms Packet (EFP)

Reporting & Records Retention

HOUSING AUTHORITY OF THE CITY OF AUSTIN. Community Service and Self Sufficiency Requirement

eloccs Registration GUIDE

APPLICATION FOR THERAPEUTIC MASSAGE THERAPIST LICENSE

If eligible, I understand this is a direct assistance loan which is a 0% loan to be paid upon sale or transfer of title.

Disclosure and Authorization to Obtain Information

Emptech s Electronic I-9 Administration

AFFORDABLE HOUSING APPLICATION

Documentation Needed for Rehabilitation Program:

Apply for Free and Reduced Price Meals OR Prepay for Meals Online!

Dear Contractor: If you have any questions about the Program or your Application, please feel free to call our office at

HUD HANDBOOK : OCCUPANCY REQUIREMENTS OF SUBSIDIZED MULTIFAMILY HOUSING PROGRAMS SUMMARY FOR PROPERTY OWNER

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

Transcription:

ENTERPRISE INCOME VERIFICATION (EIV) SECURITY AWARENESS TRAINING QUESTIONNAIRES FOR MULTIFAMILY HOUSING PROGRAMS Background EIV contains personal information that is covered by the Privacy Act such as Social Security Numbers (SSNs), Social Security (SS)/Supplemental Security Income (SSI) benefit, wage, unemployment compensation, and new hire (W-4) information concerning persons participating in HUD-subsidized programs. Therefore, the Department strongly encourages new and existing EIV users to have security awareness training, at least annually, as a crucial aspect of ensuring the security of the EIV system and the data contained in the system. The Department s provided security awareness training in June 2007 and intends to provide another such training in July 2008 via satellite broadcast (See EIV Training and Outreach for Multifamily Housing Programs web page). This Office has also developed security awareness training questionnaires for EIV user applicants: one for EIV User applicants and one for EIV Coordinator applicants. To reinforce the importance of respecting the privacy of data, users are strongly encouraged to also conduct security awareness training, onsite, at least annually. Instructions A. Complete and sign. The appropriate questionnaire should be completed by all new EIV user applicants (Coordinators and Users) applying for initial access, meaning the applicant is requesting EIV access for the first time and does not have access to EIV for any contract(s) and/or property(ies) in his or her portfolio in Web Access Secure Systems (WASS), and at least annually by existing EIV user applicants applying for re-certification of EIV access, meaning the applicant has a contract(s) or property(ies) that is currently Certified in EIV, but needs to be re-certified in EIV by a certain date to avoid expiration. Please note that completion of the appropriate questionnaire is completely voluntary. However, HUD s Multifamily Helpdesk cannot approve EIV Coordinator applicants, whether for new or re-certification of existing access, who do not complete and sign the appropriate security awareness training questionnaire; and, approved EIV Coordinators cannot approve EIV User applicants, whether for new or re-certification of existing access, who do not complete and sign the appropriate questionnaire. May 2008

B. Certify. As confirmation of completion, new applicants for EIV Coordinator access must certify on the Coordinator Access Authorization Form (CAAF) to the completion of the Security Awareness Training Questionnaire for EIV Coordinators. In the case of new applicants for EIV User access, these applicants must certify on the User Access Authorization Form (UAAF) to the completion of the Security Awareness Training Questionnaire for EIV Users. EIV Coordinator and User applicants applying for re-certification of existing EIV access are asked to certify, within EIV, to the completion of the applicable questionnaire in order to be re-certified for EIV access. Please note that certification to the completion of the appropriate questionnaire is completely voluntary. However, HUD s Multifamily Helpdesk cannot approve EIV Coordinator applicants, whether for new or re-certification of existing access, who do not certify to the completion of the appropriate security awareness training questionnaire; and, approved EIV Coordinators cannot approve EIV User applicants, whether for new or re-certification of existing access, who do not certify to the completion of the appropriate questionnaire. C. Maintain for Review. Whether approved for new or re-certification of existing access, EIV Coordinators and Users must maintain the appropriate questionnaire on file and make it available for review, upon request, during a Management and Occupancy Review (MOR) or audit. If not presented upon request, the EIV Coordinator s and/or User s access will be terminated until such time as the appropriate completed and signed questionnaire can be presented to the reviewer or auditor. Thank you, in advance, for your cooperation in helping HUD to ensure the integrity of HUD s EIV data and secure system. Following are the subject questionnaires for completion. 2

Security Awareness Training Questionnaire for EIV Coordinators Please print clearly. For items with an asterisk (*), complete the one that applies to you. Name: Date: * Name of Owner of Multifamily Housing Property * Name of Management Agent * Name of Contract Administrator * Name of Service Bureau Position Title Telephone Number Advisory: For existing EIV Coordinator applicants, the Security Awareness Training Questionnaire for EIV Coordinators needs to be completed annually; for new EIV Coordinator applicants, the Security Awareness Training Questionnaire for EIV Coordinators needs to be completed at the time of application for EIV access and annually thereafter at the time of application for recertification. The questionnaire must be maintained on file, along with the Coordinator s approved Coordinator Access Authorization Form (CAAF) and owner and/or authorizing CA letter(s) of approval. These documents must be made available for HUD or CA review during an annual Management and Occupancy Review (MOR) or audit. Security Awareness Training Questionnaire for EIV Coordinators QUESTION 1 Is a Management Agent s or Service Bureau s authorization to represent the owner as Web Access Secure System (WASS) Coordinator sufficient authorization for EIV access? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: 2 Are Management Agents and Service Bureaus permitted to submit a CAAF to HUD s Multifamily Helpdesk for approval prior to receiving written EIV-specific approval from the Owner? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: ANSWER 3

3 Are approved EIV Coordinators allowed to assign EIV Coordinator access authorization rights to other persons, onsite or otherwise, in need of EIV Coordinator access authorization? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: 4 Can multiple users share one WASS ID for the agency or property? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: 5 If the answer to the above question is No, are there any circumstances under which multiple users are permitted to share one WASS ID for the agency or property? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: If Yes, please explain; Otherwise, state No 6 Can the income data contained in EIV be shared with staff at other government agencies, for example, State agencies that administer the Temporary Assistance for Needy Families (TANF)? See page 10 of the Security EIV Training presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf 7 For what purpose(s) can the EIV data be used? See page 9 of the EIV Security Training presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf 8 Can Owners and Agents (O/As) view the data in EIV without having a valid form HUD-9887 on file for the tenant? If not applicable, indicate N/A. See Legal Warning Page in EIV, page 15 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf, or page 5-5 of the EIV User Manual for 8.1 at: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/usermanual.pdf. 9 Must Contract Administrators (CAs) verify during an MOR that the O/A has a valid from HUD-9887 on file for tenants? If not applicable, indicate N/A. See Legal Warning Page in EIV, page 10 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf, or page 5-5 of the EIV User Manual for 8.1 at: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/usermanual.pdf Yes, No, or N/A? Yes, No, or N/A? 10 What are the penalties for unauthorized disclosure and unauthorized inspection of EIV data? See CAAF, page 12 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf, or Legal Warning page in EIV. 4

11 What are the three minimum safeguards that should be taken to protect the data contained in EIV? See the EIV System Security Measures web page at: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/security.cfm 12 Should EIV income reports be left in an Office or on a desk in open view and/or unattended at any time? See CAAF or page 6 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf. EIV Coordinator Applicant Signature Date 5

Security Awareness Training Questionnaire for EIV Users Please print clearly. For stared items with an asterisk (*(, complete the one that applies to you. Name (First, Last): Date: * Name of Owner of Multifamily Housing Property * Name of Management Agent * Name of Contract Administrator * Name of Service Bureau Position Title Telephone Number Advisory: For existing EIV User applicants, the Security Awareness Training Questionnaire for EIV Users needs to be completed annually; for new EIV User applicants, the Security Awareness Training Questionnaire for EIV Users needs to be completed at the time of application for EIV access and annually thereafter. The questionnaire must be maintained on file, along with the User s approved User Access Authorization Form (UAAF). These documents must be made available for HUD or CA review during an annual Management and Occupancy Review (MOR) or audit. Security Awareness Training Questionnaire for EIV Users Question 1 Can multiple users share one WASS ID for the agency or property? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: 2 If the answer to the above question is No, are there any circumstances under which multiple users are permitted to share one WASS ID for the agency or property? See Instructions for Applying for EIV Access for Multifamily Housing Programs at: Answer If Yes, please explain; Otherwise, state No 6

3 Under what circumstance(s) can a user reveal or allow use of his or her password by another person? See User Agreement in the UAAF. 4 Can the income data contained in EIV be shared with staff at other government agencies, for example, State agencies that administer the Temporary Assistance for Needy Families (TANF)? See page 10 of the Security EIV Training presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf 5 For what purpose(s) can the EIV data be used? See page 9 of the EIV Security Training presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf 6 Can Owners and Agents (O/As) view the data in EIV without having a valid form HUD-9887 on file for the tenant? If not applicable, indicate N/A. See Legal Warning Page in EIV, page 15 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf, or page 5-5 of the EIV User Manual for 8.0 at: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/usermanual.pdf. 8 Must Contract Administrators (CAs) verify during an MOR that the O/A has a valid from HUD-9887 on file for tenants? If not applicable, indicate N/A. See Legal Warning Page in EIV, page 10 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf, or page 5-5 of the EIV User Manual for 8.0 at: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/usermanual.pdf Yes, No, or N/A? Yes, No, or N/A? 8 What are the penalties for unauthorized disclosure and unauthorized inspection of EIV data? See CAAF, page 12 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf, or Legal Warning page in EIV. 9 What are the three minimum safeguards that should be taken to protect the data contained in EIV? See the EIV System Security Measures web page at: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/security.cfm 10 Should EIV income reports be left in an Office or on a desk in open view and/or unattended at any time? See UAAF or page 6 of the EIV Security Training Presentation: http://www.hud.gov/offices/hsg/mfh/rhiip/eiv/wc/security.pdf. 7

11 Who will be held accountable for his or her (or their) actions while accessing the system? See Rules of Behavior in the UAAF. EIV User Applicant Signature Date 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information