Where To Report Waste

Fraud, Abuse, Or Retaliation

Ransomware

Submitting OIG:

Tennessee Valley Authority OIG

Report Description:

The Office of the Inspector General audited TVA’s controls in place to prevent, detect, and respond to ransomware incidents. In summary, we found TVA management generally has appropriate controls in place to prevent, detect, and respond to a ransomware incident. However, for one selected system, we found inappropriate administrative access. To strengthen access controls, TVA currently has an ongoing project to identify, track, and monitor administrative accounts, which is expected to be complete in 2020. In addition, we found improvements were needed in the Ransomware Incident Action Plan. TVA’s Cybersecurity updated the Ransomware Incident Action Plan during our audit.

Date Issued:

Wednesday, November 14, 2018

Agency Reviewed / Investigated:

Tennessee Valley Authority

Submitting OIG-Specific Report Number:

2018-15529

Location(s):

Agency-Wide

Type of Report:

Audit

Questioned Costs:

$0

Funds for Better Use:

$0

Number of Recommendations:

2

View Document:

Attachment	Size
2018-15529.pdf	560.81 KB

Related Open Recommendations

No Recommendations found for this Report.

Tennessee Valley Authority OIG

Tennessee Valley Authority

Over the past 30 years, OIG reviews have focused on helping TVA improve the efficiency and effectiveness of TVA operations, save or recover money, and serve as a deterrent to misconduct and fraud. While the results from some reviews are diffcult to quantify, the results impacted many areas of TVA including: (1) improving key business processes; (2) improving governance functions and regulatory activities; (3) improving the protection of critical infrastructure and privacy information; and (4) improving the effectiveness of risk mitigation activities on areas of high risk. Even without a monetary value attached, these reviews provide information to help TVA operate in the most efficient manner and avoid losses from risks that are not properly mitigated. In addition, much of our reviews, primarily in the contract compliance audits and contract preaward reviews and certain investigations, have helped TVA recover and save substantial money.

http://oig.tva.gov/