OFFICE OF INSPECTOR GENERAL
BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM
CONSUMER FINANCIAL PROTECTION BUREAU
November 14, 2014
Ashwin Vasan
Chief Information Officer
Consumer Financial Protection Bureau
Andrew Patchan Jr. /signed/
Associate Inspector General for Information Technology
OIG Report No. 2014-IT-C-020: 2014 Audit of the CFPB's Information Security Program
The Office of Inspector General is pleased to present its report on the 2014 audit of the information security program of the Consumer Financial Protection Bureau (CFPB). We performed this audit pursuant to requirements in the Federal Information Security Management Act of 2002, Title III, Public Law 107-347 (December 17, 2002), which requires each agency Inspector General to conduct an annual independent evaluation of the agency's information security program and practices.
As part of the audit, we also reviewed security controls for two select agency systems. The detailed results of our reviews of the security controls for these systems will be transmitted under separate, restricted cover. In addition, we will use the results of our review of the CFPB's information security program and practices to respond to specific questions in the U.S. Department of Homeland Security's FY 2014 Inspector General Federal Information Security Management Act Reporting Metrics.
We appreciate the cooperation we received from CFPB personnel during our review. Please contact me if you would like to discuss this report or any related issues.
Sartaj Alag, Chief Operating Officer, CFPB
Stephen Agostini, Chief Financial Officer, CFPB
Zachary Brown, Chief Information Security Officer, CFPB
Marla A. Freedman, Assistant Inspector General for Audit, Office of
Inspector General, U.S. Department of the Treasury
J. Anthony Ogden, Deputy Inspector General
Matthew Simber, OIG Manager for Policy, Planning, and Quality
Assurance
