Modernization Act of 2014 (FISMA) Evaluation
for the Federal Communications Commission
Kearney determined that the Commission’s FY 2024 information security program was not in compliance with FISMA legislation, OMB guidance, and applicable NIST special publications.
The FISMA evaluation report includes seven findings and offers 27 recommendations to improve the effectiveness of FCC’s information security program controls. Of the 27 recommendations issued, 21 are either repeats or updates from prior FISMA evaluations, and six address new deficiencies identified in FY 2024.