The OIG reviewed the TVA's compliance with the Federal Information Security Management Act (FISMA) of 2002. Our review determined TVA made significant improvement in two FISMA control areas in the past year. However, overall progress in implementing information technology controls required by FISMA has slowed, while TVA continues work on previously recommended actions and redesigns some processes. Additional efforts are needed to improve compliance with existing controls and address concerns identified by the OIG in six control areas: (1) the certification and accreditation process, (2) security configuration management, (3) incident response and reporting, (4) security training, (5) remote access, and (6) contingency planning. We provided our results to TVA management for review. Summary Only
| Report Date | Agency Reviewed / Investigated | Report Title | Type | Location | |
|---|---|---|---|---|---|
| Tennessee Valley Authority | Federal Information Security Management Act (FISMA) Evaluation | Audit | Agency-Wide | View Report | |
| International Trade Commission | Management Letter for 2010 Financial Statement | Audit | Agency-Wide | View Report | |
| Federal Deposit Insurance Corporation | FDIC Office of Inspector General's Semiannual Report to the Congress | Semiannual Report | Agency-Wide | View Report | |
| Department of Justice | Audit of Compliance with Standards Governing Combined DNA Index System Activities at the Arkansas State Crime Laboratory, Little Rock, Arkansas | Audit |
|
View Report | |
| Department of Education | ED OIG 61st Semiannual Report to Congress | Semiannual Report | Agency-Wide | View Report | |
| Department of Justice | Audit of Compliance with Standards Governing Combined DNA Index System Activities at the Bexar County Criminal Investigation Laboratory, San Antonio, Texas | Audit |
|
View Report | |
| AmeriCorps | Audit of Corporation for National and Community Service Grants Awarded to U.S. Committee for Refugees and Immigrants | Audit | Agency-Wide | View Report | |
| Social Security Administration | 2010 Fall Semiannual Report | Semiannual Report | Agency-Wide | View Report | |
| Office of Personnel Management | Audit of the Information Technology Security Controls of the Office of Personnel Management's Annuity Roll System FY 2010 | Audit | Agency-Wide | View Report | |
| National Aeronautics and Space Administration | Transmittal of the Final Report, "Information Technology Management Letter Comments," Prepared by Ernst & Young LLP in Connection with the Audit of NASA's Fiscal Year 2010 Financial Statements | Audit |
|
View Report | |
