An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
Office of Personnel Management
Audit of the Federal Employees Health Benefits Program Operations at the Health Plan of Nevada, Inc.
The Federal Information Security Management Act of 2002 (FISMA) is meant to bolster computer and network security within the federal government. In accordance with FISMA and guidance from the U.S. Office of Management and Budget, TVA and the TVA OIG are required to report on agency-wide IT security and privacy practices annually. In our 2014 review of TVA's information security program, we found TVA was in compliance in the areas of: (1) incident response and reporting, (2) plan of action and milestones, (3) remote access management, (4) contingency planning, and (5) security capital planning. However, TVA needs improvements in the areas of: (1) continuous monitoring management, (2) configuration management, (3) identity and access management, (4) risk management, (5) security training, and (6) contractor systems. We recommended TVA implement additional improvements in its security configuration management program, update its security awareness and training, update interconnection security agreements, and update the FISMA system inventory. TVA management agreed with our findings and recommendations and is implementing its remediation plan. Summary Only
