FISMA: USAID Implemented an Effective Information Security Program for Fiscal Year 2024 but Longstanding Weaknesses Persist

Date Issued

Thursday, September 19, 2024

Submitting OIG

U.S. Agency for International Development OIG

Agencies Reviewed/Investigated

U.S. Agency for International Development

Report Number

A-000-24-005-C

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Report updated under NDAA 5274

Open Recommendations

This report has 2 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
1	No	$0	$0
We recommend that USAID's Chief Information Officer request its cognizant Management Council on Risk and Internal Control to report and track as a significant deficiency to the Agency the risk of not timely disabling network accounts for separated employees and contractors, as identified in Office of Inspector General Report No. A-000-21-004-C, Recommendation 2.
2	No	$0	$0
We recommend that USAID's Chief Human Capital Officer request its cognizant Management Council on Risk and Internal Control to report and track as a significant deficiency to the Agency the risk of not maintaining records evidencing that staff have been offboarded in accordance with Agency policy, as identified in Office of Inspector General Report No. A-000-21-004-C, Recommendation 3.