Skip to main content
Report File
Date Issued
Submitting OIG
Pension Benefit Guaranty Corporation OIG
Other Participating OIGs
Pension Benefit Guaranty Corporation OIG
Agencies Reviewed/Investigated
Pension Benefit Guaranty Corporation
Report Number
AUD-2025-02
Report Type
Audit
Agency Wide
Yes
Number of Recommendations
6
Questioned Costs
$0
Funds for Better Use
$0

Open Recommendations

This report has 6 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
2025-02-01 No $0 $0

PBGC should implement an enterprise-wide approach to prevent counterfeit components from entering its supply chain and establish performance measures to gauge the effectiveness of its anti-counterfeit policies and procedures. Additionally, PBGC should provide a comprehensive anti-counterfeit training for its personnel.

2025-02-02 No $0 $0

PBGC should manage Active Directory certificate template settings effectively by hardening and auditing existing templates in the environment. Privileges should also be assessed for all templates to prevent unauthorized changes to the configuration settings.

2025-02-03 No $0 $0

PBGC should establish robust network segmentation and configure firewalls with default rules to ensure the guest wireless network is effectively isolated from internal resources.

2025-02-04 No $0 $0

PBGC should establish a comprehensive system for monitoring, analyzing, and reporting on quantitative performance measures to evaluate the effectiveness of its Data Breach Response policies and procedures.

2025-02-05 No $0 $0

PBGC should implement an effective specialized security training program that includes steps to identify and prevent phone-based social engineering for all employees.

2025-02-06 No $0 $0

PBGC should strengthen its controls around verifying the identity of PBGC personnel prior to temporarily disabling their requirement for MFA for remote access should a user purportedly have a malfunctioning PIV card or other MFA token.

Pension Benefit Guaranty Corporation OIG

United States