Skip to Navigation
Skip to Main content
OIG Home
OIG Home


Skip SHARE THIS PAGE section Skip STAY CONNECTED section

Board Report: 2021-IT-B-014 October 29, 2021

2021 Audit of the Board's Information Security Program

available formats

The Federal Information Security Modernization Act of 2014 requires us to perform an annual, independent evaluation to determine the effectiveness of the Board's information security program. We evaluated the program's maturity level (from a possible low of 1 to a possible high of 5) across several areas.

Overall, the Board's information security program continues to operate effectively at level 4 (managed and measurable). Since our review last year, the Board has taken several steps to strengthen its information security program. Nonetheless, the agency has opportunities to mature its information security program further.

We are making recommendations to strengthen the Board's information security program in the area of cybersecurity risk management.