Submitting OIG:
Report Description:
The Office of the Inspector General OIG audited the Tennessee Valley Authority’s (TVA) use of remote application and desktop virtualization due to the risk of increased remote users during the COVID-19 pandemic and recent publicized remote access vulnerabilities. We found several areas where TVA was consistent with cybersecurity remote access best practices. However, we identified gaps in TVA’s configuration settings, architectural design, and administrative procedures. We recommend the Vice President and Chief Information and Digital Officer, Technology & Information, review the identified gaps and remediate as appropriate. Specifics of the identified issues were omitted from this report due to their sensitive nature in relation to TVA’s cybersecurity but were formally communicated to TVA management in a briefing on November 15, 2021.
Date Issued:
Tuesday, January 11, 2022
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
2021-15804
Location(s):
Agency-Wide
Type of Report:
Audit
Special Projects:
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
1
View Document:
| Attachment | Size |
|---|---|
 2021-15804.pdf | 536.5 KB |