Date Issued
Report Number
AR 14-002
Report Type
Inspection / Evaluation
Description
The Federal Information Security Management Act of 2002 (FISMA) provides a comprehensive framework for ensuring the effectiveness of technical, administrative, and physical security controls over federal information resources. The Act mandates an annual OIG evaluation of compliance with FISMA requirements and related information security policies, procedures, standards, and guidelines, and an assessment of the level of security afforded to associated information assets. These evaluations aim to determine the effectiveness of overall security programs, ensure the confidentiality and integrity of data entrusted to the FTC, and develop strategies and best practices for cost-effectively improving information security. The OIG's independent FISMA evaluation for FY 2013 determined that the FTC was in substantial compliance with applicable security and privacy requirements. The OIG also recommended that program consistency and compliance be reinforced through visible monitoring and oversight by FTC IT governance boards and senior management.
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0