Evaluation of the U.S. AbilityOne Commission's Compliance with FISMA for FY 2018

The overall assessment of the Commission’s information security program was deemed effective because of the ratings throughout the IG Federal Information Security Modernization Act of 2014 (FISMA) Reporting Metrics domain. Due to the success demonstrated by the Commission’s compliance with FISMA, there are no new recommendations in this report. We found the Commission made significant progress to develop, document, and implement agency-wide information security measures that support its operations. The Commission improved ITsecurity and completed most actions needed from prior year recommendations.