Home / News / Report: VA Outlines Efforts to Address Inspector General’s 33 Cybersecurity Recommendations

Report: VA Outlines Efforts to Address Inspector General’s 33 Cybersecurity Recommendations

The Department of Veterans Affairs’ office of information and technology has asked VA’s inspector general to close 18 out of 33 recommendations since it has implemented measures to update its information security efforts, Federal News Radio reported Friday.

The office’s statement is in response to the IG’s Federal Information Security Management Act audit report for fiscal 2016, which found that VA failed to address cybersecurity weaknesses for 18 consecutive years.

OI&T said VA updated information systems that require authority to operate by the end of calendar year 2016 and that the department’s enterprise cybersecurity strategy team has begun to implement the authorizations approach in compliance with the Office of Management and Budget’s updated Circular A-130.

VA said ECST also has made changes to its password management efforts, such as the implementation of single sign-on measures and use of smart identity cards.

The department also expects to fully field an event management and security incident tool and ensure that patches and security vulnerabilities are addressed by June 30.

VA also expects to address eight recommendations by Sept. 30 and the remaining five by the end of December.

“As VA provides documentation to support the corrective actions taken on any recommendation, we will review it and make the determination on whether we can close that recommendation,” Linda Halliday, VA’s deputy inspector general, told the station in an email.

Check Also

Air Force Boosting Contractor Work in IT Modernization

The U.S. Air Force launched a pilot program allowing private companies to handle information technology-related tasks assigned to service members, C4ISRNet reported Friday. The Enterprise IT as a Service program comes as part of the ongoing reorganization for the service. 

Leave a Reply

Your email address will not be published. Required fields are marked *