U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2018 Federal Information Security Modernization Act

Report Information

Date Issued
Report Number:
Report Type
As required by FISMA, OIG reviewed USDA’s ongoing efforts to improve its information technology security program and practices during fiscal year 2018.
Joint Report
Agency Wide
No (location specific)

United States

Questioned Costs
Funds for Better Use


OCIO should design and implement a strategic Department-wide plan to address unsupported software which are no longer supported by the vendor.

The Department should develop privacy policies and procedures in accordance with NIST and OMB A-130 requirements. In addition, OCIO and the Chief Privacy Officer should conduct a thorough gap analysis of existing USDA policy, procedures and guidance, and publish an updated Privacy Act Compliance Departmental Directive to include current NIST and OMB Privacy Act related guidance and requirements.

The Department should design and implement the necessary oversight and enforcement mechanisms and controls to ensure all system contingency plans are tested annually and the results of all tests are reviewed annually to ensure corrective actions can be initiated, as necessary.