Skip to main content
Report File
Title Full
FY 24 Federal Information Security
Modernization Act of 2014 (FISMA) Evaluation
for the Federal Communications Commission
Date Issued
Submitting OIG
Federal Communications Commission OIG
Agencies Reviewed/Investigated
Federal Communications Commission
Report Number
24-EVAL-05-01
Report Description

Kearney determined that the Commission’s FY 2024 information security program was not in compliance with FISMA legislation, OMB guidance, and applicable NIST special publications.

The FISMA evaluation report includes seven findings and offers 27 recommendations to improve the effectiveness of FCC’s information security program controls. Of the 27 recommendations issued, 21 are either repeats or updates from prior FISMA evaluations, and six address new deficiencies identified in FY 2024. 

Report Type
Inspection / Evaluation
Agency Wide
Yes
Number of Recommendations
27
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No

Open Recommendations

This report has 10 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
6 No $0 $0

Risk Management

7 No $0 $0

Risk Management

20 No $0 $0

Identity Access Management

23 No $0 $0

USAC - Access Controls

24 No $0 $0

USAC - Access Controls

25 No $0 $0

USAC - Access Controls

10 No $0 $0

Supply Chain Risk Management

12 No $0 $0

Configuration Management

13 No $0 $0

Identity Access Management

22 No $0 $0

USAC - Access Controls

Federal Communications Commission OIG

United States