Submitting OIG:
Report Description:
The objective of this audit was to assess to what extent the Smithsonian had processes in place to prevent, detect, and resolve security vulnerabilities on the Smithsonian’s publicly accessible websites. The audit focused on obtaining an inventory of publicly accessible websites; conducting vulnerability testing, which included an in-depth test of websites to simulate a focused attack by a skilled adversary; and reviewing the Smithsonian’s policies, procedures, and processes to manage website security.
Date Issued:
Wednesday, September 27, 2017
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
OIG-A-17-05
Component, if applicable:
Office of the Chief Information Officer
Location(s):
Washington
Agency-WideType of Report:
Audit
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
4
View Document:
Attachment | Size |
---|---|
OIG_A_17_05.pdf | 3.98 MB |