OIG: 2024 Audit of the CFPB's Information Security Program

If you are seeing this message, Javascript is disabled. Disclaimer for all external links found on this page: The Office of Inspector General (OIG) for the Board of Governors of the Federal Reserve System and the Consumer Financial Protection Bureau does not necessarily endorse the views expressed or the facts presented on the external sites. The OIG does not endorse any commercial products that may be advertised or on the external sites. The OIG's privacy policy does not apply on the external sites. Please check the site for its privacy notice.

Skip to Navigation

IN THIS SECTION

Skip SHARE THIS PAGE section Skip STAY CONNECTED section

CFPB Report: 2024-IT-C-019 October 31, 2024

Each year, we audit the CFPB's information security program as required by the Federal Information Security Modernization Act.

The CFPB's information security program remains effective as a whole. In addition, the agency has strengthened its program since our last review, for instance, by adding near-real-time updates to security training. Still, to remain effective, the CFPB's program can be further strengthened in several areas, such as configuration management and data loss prevention.

This report includes eight new recommendations to strengthen the CFPB's information security program and details the agency's progress in addressing our previous recommendations.

HOTLINE

IN THIS SECTION

2024 Audit of the CFPB's Information Security Program

available formats

Summary:

Full Report:

LINKS TO THE BOARD AND THE CFPB

HOTLINE

IN THIS SECTION

SHARE THIS PAGE

STAY CONNECTED

2024 Audit of the CFPB's Information Security Program

available formats

Summary:

Full Report:

LINKS TO THE BOARD AND THE CFPB

RELATED SITES AND RESOURCES