Hydro Generation Cybersecurity Controls

The Office of the Inspector General audited TVA’s Hydro Generation’s cybersecurity controls. We found TVA had (1) a potential single point of failure that could affect TVA’s ability to operate effectively in the event of a disaster, (2) not configured network devices in a consistent manner, and (3) not maintained updated network documentation. TVA management provided their planned actions to address the recommendations.