Board Report: August 12, 2016
The Cybersecurity Act contains provisions meant to bolster cybersecurity protections at federal agencies. Because the Board deals with personally identifiable information, certain of its systems are covered by the act.
Our report addresses the Board’s policies, procedures, and specific information security management practices for systems that provide access to personally identifiable information.
We are not making recommendations. Our annual audit of the Board’s information security program, as required by the Federal Information Security Modernization Act of 2014, will include an overall assessment of the Board’s identity and access management program and will incorporate information contained in this report.
