Submitting OIG:
Report Description:
The objective of this audit was to determine the effectiveness of security measures for select IT systems that support the 2020 Census. Our audit scope included the Bureau’s risk management program, security operations center (SOC) capabilities, security of Active Directory, and implementation of multi-factor authentication. We found the following: (1) The Bureau’s inadequate risk management program left significant risks present in decennial IT systems. (2) The Bureau’s Decennial security operations center lacked fundamental capabilities during periods of decennial census data collection. (3) The Bureau inadequately managed its Active Directory that supports decennial census operations. (4) The Bureau had not fully enforced personal identity verification in accordance with federal and Department requirements.
Date Issued:
Thursday, January 7, 2021
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
OIG-21-018-A
Component, if applicable:
U.S. Census Bureau
Location(s):
Agency-Wide
Type of Report:
Audit
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
4
View Document:
Attachment | Size |
---|---|
OIG-21-018.pdf | 7.31 MB |
Additional Details Link: