U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2021 Federal Information Security Modernization Act

Report Information

Date Issued
Report Number:
Report Type
USDA - Multi Agency
As required by FISMA, OIG reviewed USDA’s ongoing efforts to improve its information technology security program and practices during FY 2021.
Joint Report
Agency Wide
No (location specific)
Questioned Costs
Funds for Better Use


We recommend the Department 1) retire or supersede IT security policies and procedures on the Department Directives website in a timely manner; and 2) use various communication mediums (e.g., The Federal Chief Information Security Officer Council, Information System Security Manager meetings, etc.) during the policy clearance process to inform employees, contractors, and other stakeholders of required practices and procedures.

We recommend the Department update IT security policies and procedures on its Directives website to include the most current Federal guidance.

We recommend the Department implement an effective patch or upgrade process for mobile devices to address security deficiencies.

We recommend the Department capture mobile devices vulnerabilities in the Department’s reporting system.

We recommend the Department address POA&Ms that are past their due date to ensure identified security weaknesses are remediated in a timely manner.