The Federal Information Security Management Act of 2002 (FISMA) is meant to bolster computer and network security within the federal government. In accordance with FISMA and guidance from the U.S. Office of Management and Budget, TVA and the TVA OIG are required to report on agency-wide IT security and privacy practices annually. In our 2014 review of TVA's information security program, we found TVA was in compliance in the areas of: (1) incident response and reporting, (2) plan of action and milestones, (3) remote access management, (4) contingency planning, and (5) security capital planning. However, TVA needs improvements in the areas of: (1) continuous monitoring management, (2) configuration management, (3) identity and access management, (4) risk management, (5) security training, and (6) contractor systems. We recommended TVA implement additional improvements in its security configuration management program, update its security awareness and training, update interconnection security agreements, and update the FISMA system inventory. TVA management agreed with our findings and recommendations and is implementing its remediation plan. Summary Only
| Report Date | Agency Reviewed / Investigated | Report Title | Type | Location | |
|---|---|---|---|---|---|
| Tennessee Valley Authority | 2014 Federal Information Security Management Act Compliance Audit | Audit | Agency-Wide | View Report | |
| Afghan Special Police Training Center’s Dry Fire Range: Poor Contractor Performance and Poor Government Oversight Led to Project Failure | Inspection / Evaluation | Agency-Wide | View Report | ||
| USAID's Afghan Sustainable Water Supply and Sanitation Project: Audit of Costs Incurred by ARD, Inc. | Other | Agency-Wide | View Report | ||
| Department of Housing and Urban Development | The Office of Public and Indian Housing has Reduced Subsidized Public Housing Vacancies | Inspection / Evaluation |
|
View Report | |
| Department of the Treasury | Audit of the Alcohol and Tobacco Tax and Trade Bureau’s Fiscal Years 2014 and 2013 Financial Statements | Audit | Agency-Wide | View Report | |
| Department of the Interior | Finding of Whistleblower Retaliation Under the American Recovery and Reinvestment Act | Investigation | Agency-Wide | View Report | |
| Department of Veterans Affairs | Review of Community Based Outpatient Clinics and Other Outpatient Clinics of Gulf Coast Veterans Health Care System, Biloxi, Mississippi | Review |
|
View Report | |
| Smithsonian Institution | Smithsonian Had Effective Controls over Unliquidated Obligations for Federal Capital Contracts | Audit | Agency-Wide | View Report | |
| Department of Homeland Security | Ohio’s Management of Homeland Security Grant Program Awards for Fiscal Years 2010 Through 2012 (Revised) | Audit |
|
View Report | |
| International Trade Commission | Improper Payment Reporting | Other | Agency-Wide | View Report | |
