Exams or Audits

 View Only
  • 1.  Risk Assessments or Audits

    This message was posted by a user wishing to remain anonymous
    Posted 15 days ago
    This message was posted by a user wishing to remain anonymous

    ​​Hello everyone,

    I just recently came across the below request and don't know if or how to begin implementing this request.
    We currently use outside servicers for our mortgage loans servicing.

    Freddie Mac Annual Eligibility Certification Report Questions -
    Guide Section 1302.2(b)(v) will be effective on 01/13/2022 and it says:

    Vendor risk management program

    Seller/Servicers must implement a vendor risk management program to formally evaluate, track and measure third-party risk; to assess its impact on aspects of the organization's business; and to develop compensating controls or other forms of mitigation to safeguard and protect Freddie Mac's information, data and PPI from unauthorized persons, malicious software or other harmful computer information, commands, codes or programs.

    We conduct due diligence on our servicers, but the request is for a privacy risk assessment or audit of third party vendors ability to safe guard NPPI according to the above guide.

    Can I request the vendor to provide me with their privacy risk assessment or their audit?

  • 2.  RE: Risk Assessments or Audits

    Posted 15 days ago

    At minimum Info Security policy





    Aimee Forrett

    Compliance Manager

    Premium Mortgage Corporation


  • 3.  RE: Risk Assessments or Audits

    Posted 10 days ago
    Thank you Aimee.