U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2023 Federal Information Security Modernization Act

Report Information

Date Issued
Report Number:
50503-0011-12
Report Type
Audit
Description
As required by the Federal Information Security Modernization Act, OIG reviewed USDA's ongoing efforts to improve its information technology security program and practices during Fiscal Year 2023.
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

OCIO management should improve internal processes so that internal ATO reviews are completed on time, prior to the existing ATOs expiring.

OCIO management should improve oversight over contractors and enforce the timely completion of ATOs, in accordance with USDA policy.

OCIO management should update existing policy and procedures to define the conditions under which temporary reauthorization decisions may be granted (i.e., systems scheduled for retirement and disposal).

Rural Development management should improve system owner and support staff communications with OCIO regarding system retirements and disposals to ensure their information systems remain authorized until system disposal is completed.

OCIO management should design and implement a quality control process to validate that designated management are incorporating and complying with the requirements of DR 3505-003.