The Peace Corps – an independent Federal agency that dispatches volunteers around the world – has made “significant progress” in enhancing its information security posture over the past year, but it is “falling short” of meeting what the White House defines as an “effective level of security.” […]

GSA General Services Administration
Biometrics

The Office of the Inspector General (OIG) at the Board of Governors of the Federal Reserve System (FRB) found in its latest evaluation report that the board needs to clarify its cybersecurity incident response processes to effectively respond to cyber incidents at institutions that FRB supervises.   […]

FDIC

The Federal Deposit Insurance Corporation (FDIC) – which has been much in the news in recent weeks due to banking sector turmoil – has more work to do to improve security of its user identification and authentication technology, according to the agency’s inspector general. […]

Jeff Robinson has been tapped to be the new assistant director for Cybersecurity and Information Technology Audits at the Department of Health and Human Services (HHS) Office of the Inspector General (OIG), according to his LinkedIn account. […]

FDIC

The Federal Deposit Insurance Corp (FDIC) needs to figure out better ways to effectively assess cybersecurity concerns at the financial institutions that it regulators, according to a recent report from the agency’s Office of Inspector General (OIG). […]

CX Customer experience -min

A team of government-contracted “red team” hackers managed to gain unauthorized and undetected control of critical Census Bureau systems in a simulated attack test revealing major cybersecurity weaknesses within the Federal agency, according to a new report by the Commerce Department Office of Inspector General (IG). […]

IRS
Veterans Affairs

A new audit released by the Department of Veterans Affairs (VA) Office of Inspector General (OIG) is predicting that the agency will reach full compliance with its obligations under the Geospatial Data Act in the near future. […]

The Department of Labor’s (DoL) Office of Inspector General (OIG) determined that the agency – along with state workforce agencies – has paid more than $45 billion in unemployment insurance (UI) pandemic benefits to fraudsters, according to an alert memorandum published on Sept. 21. […]

Veterans Affairs

The Department of Veteran Affairs (VA) was served a management advisory memorandum from the VA Office of the Inspector General (OIG) due to faulty electronic systems that improperly collected debt, according to a report released on September 7. […]

Veterans Affairs

Senior staff at the Department of Veterans Affairs (VA) responsible for overseeing new training for the electronic health record (EHR) system at the Mann-Grandstaff VA Medical Center in Spokane, Wash., submitted inaccurate data to inspectors, according to a new report from the VA’s Office of Inspector General (OIG). […]

VA
DoD Pentagon Military
EHR

In a new report, the Department of Veterans Affairs (VA) Office of Inspector General (OIG) found that the agency’s first deployment site for its Electronic Health Records Modernization (EHRM) program lacks access to critical EHR metrics, and said that puts the hospital’s accreditation status at risk. […]

A Small Business Administration (SBA) Office of Inspector General (OIG) report summarizing the results of its fiscal year (FY) 2021 Federal Information Security Modernization Act (FISMA) evaluation rates SBA’s overall program of information security as “not effective.” […]

USPS Postal Service
NASA

NASA officials will consider implementing an insider threat program to cover its unclassified systems and data following release of a recent study by the NASA Office of Inspector General (OIG) that found including unclassified systems may better protect agency resources. […]

EPA Environmental Protection Agency

According to a recent audit by the Department of Commerce Inspector General (IG), the National Oceanic and Atmospheric Administration’s (NOAA) current program launch plans may be increasing risk in the development of its environmental satellites. […]

SBA

Facing over $4.6 billion in potentially fraudulent Paycheck Protection Program (PPP) loans and continuing challenges with IT investments, the Small Business Administration (SBA) has yet to meet its goal to revise the agency’s Certify system by the end of 2021, according to SBA Inspector General Hannibal “Mike” Ware. […]

Information security remains a prevalent concern for the State Department based on numerous previous recommendations regarding fundamental information technology-related issues that still require close attention, according to a recent agency Office of Inspector General (OIG) report.

The report assesses 107 unclassified, open OIG recommendations from 19 reports addressed to the Bureau of Information Resource Management (IRM) as of July 30, 2021. OIG found that IRM had addressed three of the 107 recommendations and closed one duplicative recommendation related to risk management, one related to data protection and privacy, and one related to general IT policies. Additionally, OIG closed 14 recommendations in August 2021 as part of its normal compliance process.

However, the remaining 90 recommendations – 57 percent of which dated back to fiscal 2019 or earlier – remain relevant and require “close attention to close them,” the report read.

A larger number of the recommendations involve configuration management of products and systems to ensure information security. The other unaddressed recommendations pertain to several areas including as risk management, IT investments, contingency planning, and shared services.

To facilitate closing the remaining recommendations addressed to IRM, OIG made two recommendations to Carol Perez, the agency’s under secretary for management. OIG recommended her office develop a method for periodically reviewing IRM’s efforts – and indicated that step has since been taken.

OIG also recommended that Perez’s office verify IRM plans of action and milestones (POA&M) documented for all 90 recommendations. However, Perez disagreed with that recommendation, explaining that if the end goal is for IRM to solve open recommendations, developing an individual action plan for each recommendation is “overly cumbersome.”

“IRM’s staff, time, and resources are better spent working on compliance-related activities, maintaining a high standard of day-to-day operations, and communicating directly with OIG,” Perez wrote in her response to OIG.

However, OIG argued that under guidance from the National Institutes of Standards and Technology, agencies are required to develop a POA&M, and that Perez must submit a POA for the recommendation. […]

health

A recent report from the Department of Veterans Affairs (VA) Office of Inspector General (OIG) revealed limitations with the VA’s patient scheduling system, a component of the agency’s new electronic health record (EHR) system. […]

State Department
1 2 3

Categories