Skip to Navigation
Skip to Main content
OIG Home
OIG Home


Skip SHARE THIS PAGE section Skip STAY CONNECTED section

Board Report: 2013-IT-B-019 November 14, 2013

2013 Audit of the Board's Information Security Program

available formats

Report Contributors

Robert McMillon, OIG Manager
Satynarayana-Setty Sriram, Senior IT Auditor
Christopher Lambeth, Senior IT Auditor
William Fumey, Senior IT Auditor
Andrew Gibson, IT Auditor
Adam Scheps, IT Auditor
Peter Sheridan, Senior OIG Manager
Andrew Patchan Jr., Associate Inspector General for Information Technology


Board Board of Governors of the Federal Reserve System
CIO Chief Information Officer
FISMA Federal Information Security Management Act of 2002
DHS Department of Homeland Security
IG Inspector General
ISCM information security continuous monitoring
ISO Information Security Officer
IT information technology
NIRT National Incident Response Team
NIST National Institute of Standards and Technology
OMB Office of Management and Budget
RMF Risk Management Framework
SP 800-37 Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems
SP 800-39 Special Publication 800-39, Managing Information Security Risk
SP 800-53 Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations
SP 800-137 Special Publication 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations
US-CERT United States Computer Emergency Readiness Team