Skip to main content
Date Issued
Submitting OIG
Department of Transportation OIG
Other Participating OIGs
Department of Transportation OIG
Agencies Reviewed/Investigated
Department of Transportation
Components
Office of the Special Trustee for American Indians
Office of the Secretary of Transportation
Report Number
22T3004T000
Report Description

What We Looked AtThis report presents the results of our quality control review (QCR) of an audit of the Department of Transportation’s (DOT) information security program and practices. The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies’ information security programs and report the results to the Office of Management and Budget. To meet this requirement, we contracted with CliftonLarsonAllen LLP (CLA) to conduct this audit subject to our oversight. The audit objective was to determine the effectiveness of DOT’s information security program and practices in five function areas—Identify, Protect, Detect, Respond, and Recover. What We FoundOur QCR disclosed no instances in which CLA did not comply, in all material respects, with generally accepted Government auditing standards. Our RecommendationsDOT concurs with all eight of CLA’s recommendations. CLA considers all eight recommendations resolved but open pending completion of planned actions.

Report Type
Audit
Agency Wide
Yes
Number of Recommendations
0
Questioned Costs
$0
Funds for Better Use
$0

Department of Transportation OIG

United States