- About Us
- Information Technology
- Contact Us
Report Fraud, Waste, or Abuse
OFFICE OF INSPECTOR GENERAL
BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM
CONSUMER FINANCIAL PROTECTION BUREAU
September 30, 2014
Chief Information Officer
Consumer Financial Protection Bureau
Andrew Patchan Jr. /signed/
Associate Inspector General for Information Technology
OIG Report No. 2014-IT-C-016: Audit of the CFPB's Acquisition and Contract Management of Select Cloud Computing Services
The Office of Inspector General (OIG) has completed its report on the subject audit. In January 2014, the Council of the Inspectors General on Integrity and Efficiency (CIGIE) initiated a government-wide review of select agencies' efforts to adopt cloud computing technologies. The CIGIE initiative focused on reviewing cloud computing contracts for inclusion of specific clauses and the agencies' efforts to monitor the performance of cloud service providers. In support of the CIGIE initiative, our objective was to review the Consumer Financial Protection Bureau's (CFPB) acquisition and contract management for Amazon.com's Amazon Web Services and Deloitte's Compliance Analysis Toolkit to determine whether requirements for security, service levels, and access to records were appropriately planned for, defined in contracts, and being monitored. We provided CIGIE with responses to a questionnaire it issued to the select agencies' OIGs under a separate cover. This report includes specific findings and recommendations designed to assist the CFPB in improving its acquisition and contract management processes associated with cloud service providers.
We provided a draft of our report to you for review and comment. In your response, included as appendix B, you concurred with our recommendations and outlined actions that have been taken, are underway, and are planned to address our recommendations.
We appreciate the cooperation that we received from CFPB personnel during our review. Please contact me if you would like to discuss this report or any related issues.
Sartaj Alag, Chief Operating Officer
Stephen Agostini, Chief Financial Officer
Zachary Brown, Chief Information Security Officer
J. Anthony Ogden, Deputy Inspector General
Matthew Simber, OIG Manager for Policy, Planning, and Quality Assurance