Cybersecurity Incident Response Maturity Assessment

View Report

Title Full

Audit Report: Cybersecurity Incident Response Maturity Assessment, Report Number OIG-26-06

Date Issued

Monday, March 30, 2026

Submitting OIG

Government Publishing Office OIG

Agencies Reviewed/Investigated

Government Publishing Office

Report Number

26-06

Report Description

The U.S. Government Publishing Office, Office of the Inspector General, conducted an audit to assess the maturity of cybersecurity incident response capabilities for detection, analysis, and handling, Project Number A-2025-002.The OIG reported two findings and made three recommendations to improve cybersecurity incident response.

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Report updated under NDAA 5274

Open Recommendations

This report has 3 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
26-06-01	No	$0	$0
Update the CSIRT Framework and Procedures. Include detailed procedures for the following areas: a. Handling specific incident types during the Detection and Analysis phase. b. Incident containment strategies for incident types. c. Incident eradication activities.
26-06-02	No	$0	$0
Ensure that Triage Coordinators fully document key information in the incident ticket, including (1) the determination of whether or not the event is a computer security incident and (2) the steps taken for incident containment, eradication, and recovery.
26-06-03	No	$0	$0
Ensure tickets identified in Tables 1 and 2 are correctly categorized as “Computer Security Incident” or reclassified as “problem” tickets in the service ticketing system.