Jump to Main Content
USA flagAn Official Website of the United States Government

Audit Report 3-03: Audit of SBA’s Implementation of its Cyber-Based Critical Infrastructure Protection Plan

Date Issued: 
Friday, January 10, 2003
Report Number: 
3-03

On January 10, 2003, the OIG issued Audit Report 3-03, Audit of SBA’s Implementation of its Cyber-Based Critical Infrastructure Protection Plan.  The OIG had two findings and issued three recommendations, of which, one was withdrawn.  The OIG found that the SBA’s Cyber-Based Infrastructure Protection Plan (CIPP) was not updated or utilized to manage SBA’s infrastructure protection efforts.  The OIG also found that the SBA needs to implement the CIPP requirements fully to protect SBA’s critical infrastructure, and provided five additional sub-findings.