Skip to Navigation
Skip to Main content
OIG Home
OIG Home

IN THIS SECTION

Skip SHARE THIS PAGE section Skip STAY CONNECTED section

Board Report: 2015-IT-B-001 January 30, 2015

Audit of Planned Physical and Environmental Controls for the Board’s Data Center Relocation

available formats

Appendix B: Management's Response

BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM
WASHINGTON, D.C. 20551
DIVISION OF INFORMATION TECHNOLOGY

January 12, 2015

Mr. Mark Bialek
Office of Inspector General
Board of Governors of the Federal Reserve System
Washington DC, 20551

Dear Mark:

We have reviewed your report entitled "Audit of Planned Physical and Environmental Controls for the Board's Data Center Relocation" prepared as part of your office's oversight responsibilities pursuant to the Federal Information Security Management Act of 2002 (FISMA). The report evaluates the planned physical and environmental controls for the Board's data center against the Board's Information Security Program's control requirements. We are pleased that your assessment recognized that the Board is continuing to follow a structured approach to planning and executing the relocation of the data center, and Board staff are actively engaged in the planning and decision making for the project.

We agree with the one recommendation offered in your report. The Board has worked closely with the 5th District to identify the security controls that the Board Data Center will be inheriting from the Bank. The 5th District has provided the SAFR security plans defining how the inherited controls are met and the relevant supporting evidence. The Board ISO has compared the control implementations to the Board's security requirements and identified any risks incurred by relying on SAFR. The Board ISO will work with the 5th District to address identified risks and ensure the controls are appropriately documented in a security plan. Based on the risk assessment performed, the Board ISO is confident in relying on the 5th District for providing the inherited controls under SAFR.

We appreciate the professionalism and courtesies provided by the staff of the Office of the Inspector General and we look forward to working with your office in the future. Thank you for the opportunity to provide comments on this report.

Sincerely

/signed/

Sharon Mowry

Director, Information Technology

cc: Mr. Donald Hammond
      Mr. Wayne Edmondson
      Mr. Andrew Patchan
      Mr. Ray Romero
      Mr. Charles Young