Submitting OIG:
Report Description:
The objective of this review was to perform an independent assessment of the Peace Corps’ information security program, including testing the effectiveness of security controls for a subset of systems as required, for FY 2017. Our results demonstrate that the Peace Corps lacks an effective information security program because of problems related to people, processes, technology, and culture. The Peace Corps needs to embrace a risk-based culture and place greater emphasis on the importance of a robust information security program by involving senior leadership, ensuring agency policies are comprehensive, and prioritizing the time and resources necessary to become fully compliant with Federal laws and eliminate weaknesses.
Date Issued:
Tuesday, October 31, 2017
Agency Reviewed / Investigated:
Component, if applicable:
Agency-wide
Location(s):
Agency-Wide
Type of Report:
Review
Number of Recommendations:
20
View Document:
Attachment | Size |
---|---|
2017 FISMA Final Report.pdf | 178.93 KB |