- About Us
- Information Technology
- Contact Us
Report Fraud, Waste, or Abuse
CFPB Report: 2022-IT-C-014 September 30, 2022
The Federal Information Security Modernization Act of 2014 requires us to perform an annual independent evaluation of the CFPB's information security program.
The CFPB's information security program continues to operate effectively, and the agency has strengthened the program since our review last year. Nonetheless, the CFPB can enhance its program in the areas of data loss prevention, software asset management, and continuity planning.
This report contains recommendations to strengthen these areas as well as a matter for management consideration related to supply chain risk management.