Skip to Navigation
Skip to Main content
OIG Home
OIG Home

IN THIS SECTION

Skip SHARE THIS PAGE section Skip STAY CONNECTED section

Board Report: 2014-IT-B-021 December 18, 2014

Opportunities Exist to Improve the Operational Efficiency and Effectiveness of the Board's Information Security Life Cycle

available formats

Report Contributors and Abbreviations

Report Contributors

Andrew Gibson, Project Lead
Morgan Fletcher, IT Audit Intern
Peter Sheridan, Senior OIG Manager for Information Technology Audits
Andrew Patchan Jr., Associate Inspector General for Information Technology

Abbreviations

A-130 Office of Management and Budget Circular A-130, Appendix III, Transmittal Memorandum #4, Management of Federal Information Resources, November 2000
ATO authorization to operate
BISP Board Information Security Program
Board Board of Governors of the Federal Reserve System
CIO Chief Information Officer
FISMA Federal Information Security Management Act of 2002
ISCM information security continuous monitoring
ISCU IT Security Compliance Unit
ISO Information Security Officer
NIST National Institute of Standards and Technology
OIG Office of Inspector General
OMB Office of Management and Budget
RMF risk management framework
SP 800-37 NIST Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
SP 800-53 NIST Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations
SP 800-137 NIST Special Publication 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations
SSP system security plan