Skip to main content
Report File
Date Issued
Submitting OIG
Export-Import Bank of the United States OIG
Agencies Reviewed/Investigated
Export-Import Bank
Report Number
OIG-O-25-02
Report Type
Other
Agency Wide
Yes
Number of Recommendations
4
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No

Open Recommendations

This report has 4 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
1 No $0 $0

The Office of Information Management and Technology should immediately restrict access to documents containing Privacy Act information, or any other protected or restricted documentation stored on EXIM’s Information Technology (IT) systems, ensuring that only individuals with a need to know have access.

2 No $0 $0

The Senior Agency Official for Privacy, in coordination with the Office of General Counsel, should assess within the Office of Management and Budget guidance whether there is a requirement to report the incident, and potential breach, and determine if any of the files were inappropriately accessed by individuals without a need to know.

3 No $0 $0

The Chief Information Officer and the Chief Information Security Officer should develop a report regarding the circumstances that led to the incident and the lessons learned that will prevent future incidents and/or improve agency response, as required by EXIM’s Security Incident Handling Policy.

4 No $0 $0

The Office of Information Management and Technology should implement any changes or lessons learned identified in the incident report, to include policy changes or updated training that address the production, maintenance, and disposal of non-record copies of official documents.

Export-Import Bank of the United States OIG

United States