Editor’s Note: The VA FISMA audit is attached here. Below is one of the audit report’s key recommendations.
From: Assistant Inspector General for Audits and Evaluations/Department of Veterans Affairs
Recommendation 22:
We recommend the Acting Assistant Secretary for Information and Technology implement effective continuous monitoring processes to identify and prevent the use of unauthorized application software, hardware (including personal storage devices), and system configurations on its networks. (This is a repeat recommendation from last year.)
OIT Response:
Concur. VA utilizes many tools such as Intrusion Protection System, Firewalls, Wireless Access Firewall, Tivoli Endpoint Management (Big Fix), anti-virus and Sanctuary to detect the presence and use of unauthorized software and hardware. The only item left to proactively monitor, prevent installation and remove unauthorized software is in development. The effort to design the solution is underway.
[Emphasis added]
Leave a Reply