Skip to Navigation
Skip to Main content
OIG Home
OIG Home


Skip SHARE THIS PAGE section Skip STAY CONNECTED section

CFPB Report: 2014-IT-C-020 November 14, 2014

2014 Audit of the CFPB's Information Security Program

available formats

Summary of Recommendations

Summary of Recommendations, OIG Report No. 2014-IT-C-020

Rec. no. Report page no. Recommendation Responsible office
1 4 Fully implement the CFPB's selected automated solution for assessing security controls and analyzing and responding to the results of continuous monitoring activities. Office of the Chief Information Officer
2 4 Assess the information security continuous monitoring implementation options and guidance outlined in the United States Government Concept of Operations for Information Security Continuous Monitoring and update the CFPB's information security continuous monitoring strategy, as necessary. Office of the
Chief Information Officer
3 6 Strengthen the CFPB's vulnerability management practices by implementing an automated solution and process to periodically assess and manage database and application-level security configurations. Office of the Chief Information Officer