What We Looked AtThis report presents the results of our quality control review (QCR) of an audit of the Department of Transportation’s (DOT) information security program and practices. The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies’ information security programs and report the results to the Office of Management and Budget. To meet this requirement, we contracted with CliftonLarsonAllen LLP (CLA) to conduct this audit subject to our oversight. The audit objective was to determine the effectiveness of DOT’s information security program and practices in five function areas—Identify, Protect, Detect, Respond, and Recover. What We FoundWe performed a QCR of CLA’s report and related documentation. Our QCR disclosed no instances in which CLA did not comply, in all material respects, with generally accepted Government auditing standards. Our RecommendationsDOT concurs with all five of CLA’s recommendations. CLA considers all five recommendations resolved but open pending completion of planned actions.
| Report Date | Agency Reviewed / Investigated | Report Title | Type | Location | |
|---|---|---|---|---|---|
| Department of Transportation | Quality Control Review of the Independent Auditor’s Report on the Assessment of DOT’s Information Security System Program and Practices | Audit | Agency-Wide | View Report | |
| Federal Labor Relations Authority | Evaluation of the Federal Labor Relations Authority's Compliance with the Federal Information Security Management Act, Fiscal Year 2021 | Inspection / Evaluation | Agency-Wide | View Report | |
| Architect of the Capitol | Semiannual Report to the Congress April 1, 2021 - September 30, 2021 | Semiannual Report | Agency-Wide | View Report | |
| U.S. Agency for International Development | Financial Audit of Costs Incurred by Tetra Tech, Inc. Under the Engineering Support Program in Afghanistan, Contract AID-306-C-16-00010, October 1, 2019, to January 22, 2020 | Other |
|
View Report | |
| U.S. Agency for International Development | Financial Audit of The Centre for Promotion of Quality of Life Under Multiple USAID Awards in Vietnam, January 1 to December 31, 2020 | Other |
|
View Report | |
| U.S. Agency for International Development | Financial Audit of the Community Mobilization Initiatives to End Tuberculosis Activity in Cambodia Managed by Khmer HIV/AIDS NGO Alliance, Cooperative Agreement 72044219CA00002, for the Year Ended December 31, 2020 | Other |
|
View Report | |
| U.S. Agency for International Development | Financial Audit of USAID Resources Managed by Christian Aid in Multiple Countries Under Multiple Awards, April 1, 2019, to July 31, 2020 | Other |
|
View Report | |
| Millennium Challenge Corporation | MCC Complied in Fiscal Year 2021 With the Digital Accountability and Transparency Act of 2014 | Audit |
|
View Report | |
| U.S. Postal Service | Springfield, MO, Processing and Distribution Center Grievances | Audit |
|
View Report | |
| Department of the Treasury | FINANCIAL MANAGEMENT: Audit of the United States Mint's Schedules of Custodial Deep Storage Gold and Silver Reserves as of September 30, 2021 and 2020 | Audit | Agency-Wide | View Report | |
