Home / News / Report: SEC Failed to Fully Implement 2017 Cloud Strategy

Report: SEC Failed to Fully Implement 2017 Cloud Strategy

The Securities and Exchange Commission’s  Office of Inspector General released a report stating that the agency “did not fully implement its cloud strategy” and failed to execute an enterprise information technology approach to cloud migration.

According to the report, SEC lacked progress in its 2017 cloud strategy and launched only two pilot programs slated for implementation across an enterprise network. The IG also found that SEC’s contracts didn’t include security requirements and that there were incomplete or missing security assessment reports as well as Federal Risk and Authorization Management Program baseline controls.

“The conditions we observed occurred because the Office of IT  had not developed policies and procedures specific to cloud system security, or adequate processes to ensure compliance with FedRAMP baseline controls and enhancements for which the agency is responsible,” the report noted.

“As a result, the SEC has not yet fully realized the potential performance and economic benefits attributed to cloud computing services.”

Check Also

USAF, Northrop Conclude Critical Design Review of Polar Satcom Program

The U.S. Air Force and Northrop Grumman have completed a critical design review under a program that aims to deploy satellite communications payloads in the North Polar Region. The Enhanced Polar System Recapitalization program would deliver eXtended Data Rate payloads that would operate in the region until USAF gets access to polar variants of protected and evolved satcom technology in the 2030s, Los Angeles AF Base said Monday.