Sorry, you need to enable JavaScript to visit this website.
Skip to main content
Report File
Date Issued
Submitting OIG
Department of Labor OIG
Agencies Reviewed/Investigated
Department of Labor
Report Number
23-26-001-07-725
Report Type
Inspection / Evaluation
Agency Wide
Yes
Number of Recommendations
9
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No
External Link
https://www.oig.dol.gov/public/reports/oa/2026/23-26-001-07-725.pdf

Open Recommendations

This report has 9 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
001 No $0 $0

We recommend the Chief Information Officer (CIO): Develop and implement a process to create and maintain target and current cybersecurity profiles.

002 No $0 $0

We recommend the CIO: Develop and implement controls to validate information within the Cybersecurity Assessment Management tool.

003 No $0 $0

We recommend DOL OIG: Implement a control to help ensure that all interconnection service agreements or related documents are reviewed in accordance with the DOL Cybersecurity Policy Portfolio.

004 No $0 $0

We recommend DOL OIG: Implement a baseline deviation monitoring process for its general support
system.

005 No $0 $0

We recommend the CIO: Ensure all systems comply with the Cybersecurity Policy Portfolio requirements for session timeouts.

006 No $0 $0

We recommend the CIO: Ensure the adherence to DOL logical access policies and procedures.

007 No $0 $0

We recommend the CIO: Establish mechanisms to ensure that logical access controls are implemented and effective.

008 No $0 $0

We recommend the CIO: Design and implement a process to ensure identity and access management internal control documentation is retained to support its system of internal controls and operational needs, as required by Government Accountability Office’s Standards for Internal Control in the Federal Government.

009 No $0 $0

We recommend the CIO: Develop and implement effective data exfiltration controls to ensure unauthorized data does not leave the DOL network.

Department of Labor OIG

United States