Skip to main content
Report File
Date Issued
Submitting OIG
Federal Communications Commission OIG
Other Participating OIGs
Federal Communications Commission OIG
Agencies Reviewed/Investigated
Federal Communications Commission
Report Number
23-EVAL-05-01
Report Description

This audit report determined that the Commission’s FY 2023 information security program was not in compliance with FISMA legislation, OMB guidance, and applicable NIST special publications. Five of the nine domains Kearney evaluated warrant additional management attention to address identified deficiencies - Risk Management, Supply Chain Risk Management, Configuration Management, Identity and Access Management, and Information Security Continuous Monitoring. Specifically, the FISMA evaluation report includes seven findings and offers 25 recommendations to improve the effectiveness of the FCC’s information security program controls. FCC continues to work towards an effective overall maturity level for its information security program.

Report Type
Inspection / Evaluation
Location

Washington, DC
United States

Number of Recommendations
25
Questioned Costs
$0
Funds for Better Use
$0
Additional Details
https://www.fcc.gov/inspector-general/reports/audit
External Entity
N/A
External Link
https://www.fcc.gov/sites/default/files/23-eval-05-01p_fisma_tm_01052024.pdf

Federal Communications Commission OIG

United States