
Report 16-10: Weaknesses Identified During the FY 2015 Federal Information Security Management Act Review

Date Issued: Thursday, March 10, 2016
Report Number: 16-10

On March 10, 2016, the U.S. Small Business Administration (SBA) Office of Inspector General (OIG) published its evaluation report, Report 16-10: Weaknesses Identified During the FY 2015 Federal Information Security Management Act Review. The Federal Information Security Management Act (FISMA) requires that the OIG review the SBA’s Information Technology Security Program. To determine SBA’s compliance with FISMA, OIG contracted with an independent public accountant, KPMG, to perform review procedures relating to FISMA. OIG monitored KPMG’s work and reported SBA’s compliance with FISMA in the Agency FISMA filings in November 2015. We also assessed the Agency’s progress in implementing open recommendations and compared our current year assessment with our fiscal year 2014 FISMA evaluation. In addition to the 31 open FISMA recommendations noted in Appendix II, OIG made 5 new recommendations to address FISMA-related vulnerabilities. SBA fully agreed with all five recommendations, provided documentation to support that two have been implemented, and agreed to complete two by September 2016 and one by March 2017.

 

File Attachments:
Report_16-10_-_SBA_OIG_FISMA_Review (564Kb)