Skip to Navigation
Skip to Main content
OIG Home
OIG Home


Skip SHARE THIS PAGE section Skip STAY CONNECTED section

CFPB Report: 2016-IT-C-012 November 10, 2016

2016 Audit of the CFPB’s Information Security Program

available formats

The Federal Information Security Modernization Act of 2014 requires that we review the CFPB’s information security program.

We determined that the CFPB continues to mature its program to ensure consistency with requirements for risk management, contractor systems, configuration management, identity and access management, security and privacy training, information security continuous monitoring, and incident response.

We also recommended ways for the CFPB to further strengthen its information security program.