Skip to main content
Report File
Date Issued
Submitting OIG
Federal Communications Commission OIG
Other Participating OIGs
Federal Communications Commission OIG
Agencies Reviewed/Investigated
Federal Communications Commission
Report Number
22-EVAL-06-01
Report Description

This audit report found that the FCC security programs were ineffective in seven of the nine metric domains. The contractor’s assessment of the overall maturity of each metric domain remained relatively consistent with the prior year. The Supply Chain Risk Management domain is the one metric domain that improved from the prior year. The FISMA evaluation report included eight findings with 21 recommendations intended to 2 improve the effectiveness of the FCC’s information security program controls. FCC management concurred with the findings.

Report Type
Inspection / Evaluation
Location

Washington, DC
United States

Number of Recommendations
1
Questioned Costs
$0
Funds for Better Use
$0
External Entity
N/A

Open Recommendations

This report has 8 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
1 No $0 $0

Risk Management

2 No $0 $0

Risk Management

5 No $0 $0

Supply Chain Risk Management

12 No $0 $0

Identity Access Management

13 No $0 $0

Identity Access Management

14 No $0 $0

Identity and Access Management

17 No $0 $0

Configuration Management

18 No $0 $0

Configuration Management

Federal Communications Commission OIG

United States