Report File
Date Issued
Submitting OIG
Department of Commerce OIG
Other Participating OIGs
Department of Commerce OIG
Agencies Reviewed/Investigated
Department of Commerce
Components
Office of the Secretary
Report Number
OIG-22-031-A
Report Description
For our final report on our audit of the U.S. Department of Commerce’s (the Department’s) security controls for cloud-based high value assets (HVAs), our objective was to verify that the Department implemented security controls for cloud-based HVAs in accordance with federal requirements. We found that the Department does not incorporate all customer responsibility controls for its cloud-based HVAs into system security plans.
Report Type
Audit
Agency Wide
Yes
Number of Recommendations
1
Questioned Costs
$0
Funds for Better Use
$0
