Skip to main content
U.S. flag

An official website of the United States government

New Audit Announcements

Date

Audit Initiated of DOT’s Information Security Program and Practices for Fiscal Year 2019

Requested By
Required by the Federal Information Security Modernization Act of 2014
Project ID
19F3005F00
File Attachment
The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to implement information security programs. The act also requires agencies to conduct annual independent reviews to determine the effectiveness of their programs, and report the results of these reviews to the Office of Management and Budget (OMB). To meet this requirement, we have contracted with an independent public accounting firm to conduct the review of the Department of Transportation’s (DOT) information security program and practices subject to our oversight.
 
The audit objective will be to determine the effectiveness of DOT’s information security program in five function areas—Identify, Protect, Detect, Respond, and Recover. We will report on the review of FISMA security metrics and performance measures through CyberScope as required by OMB.