GSA IG: Agency’s TTS & IT Office Should Address 18F Compliance with IT Security Policy

The General Services Administration‘s Office of the Inspector General has recommended the Technology Transformation Service and GSA Information Technology offices to identify all 18F information systems and address compliance with the agency’s IT security policy.

According to a report published Tuesday, GSA OIG also said TTS and GSA IT should oversee 18F’s compliance with the Federal Information Technology Acquisition Reform Act as well as address the use of unofficial email accounts on federal record exchanges.

The IG also recommended GSA IT develop training strategies for senior level leaders on IT security roles and responsibilities.

The GSA OIG Office of Inspections and Forensic Auditing led an evaluation of the 18F office due to concerns from senior GSA officials regarding potential deficiencies in business operations.

The review discovered that 18F did not follow GSA information security policies because as a result of a lack of sufficient guidance and oversight from agency leaders to meet required levels of awareness and compliance.

OIG’s review also found IT policy violations from 18F personnel including enabled authorizations through the online messaging and collaboration application called Slack which had potentially exposed personally identifiable information throughout a five-month period.

You may also be interested in...

Nickolas Guertin

Carnegie Mellon’s Nickolas Guertin in Line to Become Next Defense OT&E Director

Nickolas Guertin, a senior software systems engineer at Carnegie Mellon University, has been nominated by President Biden to become the Department of Defense's (DoD) director of operational test and evaluation (DOT&E). The Reading, Connecticut native was a former U.S. Navy serviceman with experience in ship construction and maintenance, systems engineering, weapons testing and development, and submarine operations, the White House said Thursday.

Leave a Reply

Your email address will not be published. Required fields are marked *