National Credit Union Administration (NCUA) Cybersecurity Audit

View Report

Date Issued

Tuesday, May 2, 2023

Submitting OIG

National Credit Union Administration OIG

Other Participating OIGs

National Credit Union Administration OIG

Agencies Reviewed/Investigated

National Credit Union Administration

Report Number

OIG23-05

Report Description

This report summarizes the results of the CliftonLarsonAllen (CLA) audit and contains four recommendations that will assist the agency in strengthening cybersecurity controls related to its firewalls and the Security Information and Event Management (SIEM) tool. NCUA management concurred with and has taken or planned corrective actions to address the recommendations.

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Additional Details

https://ncua.gov/files/audit-reports/oig-audit-ncua-cybersecurity-may-2023.pdf

Open Recommendations

This report has 1 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use	Additional Details
4.OIG-23-05	No	$0	$0
Complete implementation of OMB M-21-31 to achieve past due Event Logging 1 and 2 maturity levels and to meet the Event Logging 3 maturity due by August 27, 2023.