CFPB Report: 2013-IT-C-020 December 2, 2013
OFFICE OF INSPECTOR GENERAL
BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM
CONSUMER FINANCIAL PROTECTION BUREAU
December 2, 2013
Ashwin Vasan
Chief Information Officer, Consumer Financial Protection Bureau
Andrew Patchan Jr. /signed/
Associate Inspector General for Information Technology
OIG Report No. 2013-IT-C-020: 2013 Audit of the CFPB's Information Security Program
The Office of Inspector General is pleased to present its report on the 2013 audit of the information security program of the Consumer Financial Protection Bureau (CFPB). We performed this audit pursuant to requirements in the Federal Information Security Management Act of 2002, title III, Public Law 107-347 (December 17, 2002), which requires each agency Inspector General to conduct an annual independent evaluation of the agency's information security program and practices.
We provided a draft of our report to you for review and comment. In your response, included as appendix A, you concurred with our recommendations and outlined actions that have been taken, are underway, and are planned to strengthen CFPB's information security program. As part of the audit, we also reviewed security controls for a contractor-operated system. The results of our review of security controls for this system will be transmitted under separate, restricted cover. In addition, we will utilize the results of our review of the CFPB's information security program and practices to respond to specific questions in the U.S. Department of Homeland Security's FY 2013 Inspector General Federal Information Security Management Act Reporting Metrics.
We appreciate the cooperation we received from CFPB personnel during our review. Please contact me if you would like to discuss this report or any related issues.
Attachment
Sartaj Alag, Chief Operating Officer, CFPB
Matt Burton, Deputy Chief Information Officer, CFPB
Zachary Brown, Chief Information Security Officer, CFPB
Marla A. Freedman, Assistant Inspector General for Audit,
Office of Inspector General, U.S. Department of the Treasury
Mark Bialek, Inspector General
J. Anthony Ogden, Deputy Inspector General