U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Independent Evaluation of the DNFSB’s Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2020

Report Information

Date Issued
Report Number
DNFSB-21-A-04
Report Type
Inspection / Evaluation
Joint Report
No
Agency Wide
No (location specific)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

Implement the technical capability to require PIV or Identification and Authentication Level of Assurance (IAL) 3 to all DNFSB privileged accounts.

Implement automated mechanisms (e.g. machine-based, or user-based enforcement) to support the management of privileged accounts, including for the automatic removal/disabling of temporary, emergency, and inactive accounts, as appropriate.

Continue efforts to develop and implement role-based privacy training.

Continue efforts to develop and implement role-based privacy training.

Conduct the agency’s annual breach response plan exercise for FY 2021.