Submitting OIG:
Report Description:
Overall, the Department continues to implement changes to strengthen its enterprise-wide information security program. However, opportunities were identified that will allow HHS to continue to enhance its enterprise-wide information security program. We identified several reportable exceptions in the Department's security program. Areas for improvement were identified in the Department's Continuous Monitoring Management, Configuration Management, Identity and Access Management, Incident Response and Reporting, Risk Management, Security Training, Plan of Action and Milestones, Remote Access Management, Contingency Planning, and Contractor Systems.
Date Issued:
Wednesday, March 2, 2016
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
A-18-15-30300
Component, if applicable:
Office of the Secretary
Location(s):
Agency-Wide
Type of Report:
Audit
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
6
View Document:
Attachment | Size |
---|---|
181530300.pdf | 2.33 MB |
Additional Details Link: