Submitting OIG:
Report Description:
Background
Cybersecurity, a major enterprise risk consideration, is the practice of protecting systems, networks, and programs from cyberattacks. Cyberattacks targeting the critical infrastructure are increasing in frequency and sophistication, making a well-defined, proactive cybersecurity approach critical. To address these threats, the U.S. Postal Service’s Corporate Information Security Office (CISO) focuses on five cybersecurity strategic objectives: protect, monitor, respond, manage, and innovate.
What We Did
Our objective was to assess the effectiveness of the Postal Service’s state of cybersecurity, specifically evaluating its (1) risk profile and organizational alignment with the cybersecurity strategy, (2) cybersecurity risk management process and vulnerability management program for consistency and appropriateness, and (3) enterprise security architecture processes for alignment with best practices.
Date Issued:
Monday, August 15, 2022
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
21-205-R22
Location(s):
Agency-Wide
Type of Report:
Audit
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
6
View Document:
Attachment | Size |
---|---|
21-205-R22.pdf | 2.91 MB |