Audit of DOT's Information Security Program Initiated
June 29, 2004
As required by the Federal Information Security Management Act (FISMA), we initiated our annual audit of the Department’s information security program. We plan to review the reasonableness of DOT's systems inventory adjustments, perform a sample review of Operating Administration information systems, and scan network computers to evaluate DOT's configuration management controls. Our audit objectives are to (1) assess the Department's progress in correcting weaknesses identified in last year's FISMA review, and (2) provide input to DOT's annual FISMA report by answering questions specified by OMB.