The General Services Administration’ Office of Inspector General conducted a review of the agency’s information technology security program pursuant to an OMB FISMA directive. The IG’s FISMA Review found “that additional steps are needed to strengthen GSA’s IT security program in four key areas: (1) secure configuration of agency systems, (2) oversight of audit logging and monitoring practices, (3) implementation of multifactor authentication for systems processing sensitive information, and (4) encryption of data on agency laptop computers.”
The IG Audit Report is attached below.
Leave a Reply