Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014 (FISMA)

We found that EEOC generally had sound information security controls for its Information Security Program and has implemented security controls in all seven DHS Inspector General (IG) FISMA Reporting Metrics. Based on our audit work, we concluded that the EEOC’s Information Security Program is generally compliant with the FISMA legislation and applicable Office of Management and Budget (OMB) guidance and the security controls tested demonstrated operating effectiveness.