“The Treasury Department received mixed results on its fiscal year 2019 FISMA audit, with few weak spots identified but still falling below the level of effective, according to the audit released October 25 by the department’s inspector general.”
“With six component agencies included in the audit and 12 components across the department making up a fragmented IT environment, the audit called out specific weaknesses at certain agencies rather than assessing the department’s systems as a whole. In total, the department scored a Level 3 on the audit, with Level 3 maturity across seven of the eight areas of the FISMA maturity model – falling below the Level 4 threshold for effectiveness set by the Department of Homeland Security.”
“The component that came under the most fire was the United States Mint, which had weaknesses in three FISMA domains. The agency did not establish a privacy program with defined mechanisms and full documentation. Another area flagged was the Mint’s oversight of personnel access to systems, as some users did not…” Read the full article here.
Source: Treasury Earns Mixed Results on FISMA Assessment – November 1, 2019. MeriTalk.