Board Report: January 1, 2008
The Federal Reserve Integrated Recrods Management Architecture (FIRMA) is also listed as a major application for the Office of the Secretary (OSEC) on the Board's Federal Information Security Management Act (FISMA) application inventory. The application converts paper Board records and electronically-uploaded documents into electronic records and manages them in compliance with federal records management laws and regulations.
Overall, our review showed that information security controls in thirteen of the seventeen control families generally met the control objectives. However, we found that security controls need to be strengthened in four control families and made seven recommendations to address these issues. The Director of OSEC accepted the recommendations and indicated that she will implement them as soon as practicable. The response noted alternative approaches to implementing two recommendations that, if implemented as described, will satisfy the intent of the recommendations. Given the sensitivity of information security review work, our reports in this area are generally restricted.
