Home / News / Inspector General: 23 OPM Data Systems Lack Authorization

Inspector General: 23 OPM Data Systems Lack Authorization

cybersecurityThe Office of Personnel Management’s inspector general has evaluated OPM’s compliance with the Federal Information Security Modernization Act and found that up to 23 of its data networks operate without valid system authorizations.

OPM IG said in a Nov 10. audit report that it performed the audit at the agency’s Washington headquarters between April 2015 and September 2015.

The IG said it found the reorganization in the OPM’s office of the chief information officer has helped to improve agency’s information security governance.

The report cited that the CIO office at OPM did not craft configuration baselines for all operating systems despite its efforts to enforce a configuration management policy for information systems.

OPM also set up an enterprise network security operations center that oversees cyber incident detection and response operations, according to the report.

Other security issues found in the audit include gaps in OPM’s inventory of network devices, servers and databases; failure to implement the agency’s lifecycle policy for all system development programs; and lack of an adequate continuous monitoring program.

Check Also

Leidos Awarded $47M Contract to Provide Technical Support Services for U.S. Air Force; Ed Whitehouse Quoted

The U.S. Air Force has awarded Leidos a potential six-year, $47 million indefinite delivery/indefinite quantity contract to provide support services for the Air Force Technical Applications Center's (AFTAC) U.S. National Data Center (U.S. NDC), Leidos announced on Friday.

Leave a Reply

Your email address will not be published. Required fields are marked *