Report File
Date Issued
Submitting OIG
National Aeronautics and Space Administration OIG
Agencies Reviewed/Investigated
National Aeronautics and Space Administration
Report Number
IG-25-007
Report Description
The Federal Information Security Modernization Act requires the OIG to conduct an annual evaluation of NASA’s information security program. For fiscal year 2025, we rated NASA’s information security program at a Level 3—meaning policies, procedures, and strategies were consistently implemented, but quantitative and qualitative effectiveness measures were lacking—a rating that falls short to be considered effective.
Report Type
Inspection / Evaluation
Agency Wide
Yes
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No
