U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2024 Federal Information Security Modernization Act

Report Information

Date Issued
Report Number:
50503-0013-12
Report Type
Audit
Description
As required by FISMA, OIG reviewed USDA’s ongoing efforts to improve its information technology security program and practices during FY 2024.
Joint Report
Yes
Participating OIG
Department of Agriculture OIG
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

We recommend Departmental Administration Information Technology Office management increase the resources dedicated to the assessment and authorization program, as needed, to completely execute all aspects of the program requirements on an on-going basis.

We recommend Departmental Administration Information Technology Office management implement changes in operations, management, and oversight that enforces USDA requirements for the timely completion of security assessment plans.

We recommend Office of the Chief Information Officer management establish a system of quality control to review all artifacts uploaded to the USDA document repository, ensuring their completeness, timeliness, and adherence to USDA requirements.

We recommend (REDACTED) management complete a review and update of the (REDACTED) Information System Contingency Plan within the timeframe prescribed by DR 3571-001.

We recommend (REDACTED) management finalize the system’s security categorization and update the information system contingency plan and business impact analysis documents to align with the system’s new categorization requirements.