New Audit Announcements
January 15, 2020
Required by the Federal Information Security Modernization Act of 2014
Audit Initiated of the Surface Transportation Board’s Information Security Program and Practices for Fiscal Year 2020
The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to implement information security programs. The act also requires agencies to have annual independent evaluations performed to determine the effectiveness of their programs and report the results of these evaluations to the Office of Management and Budget (OMB). To meet this requirement, the Surface Transportation Board (STB) has requested that we perform its fiscal year 2020 FISMA review. We have contracted with Williams Adley & Company-DC LLP (Williams Adley), an independent public accounting firm, to conduct this review—subject to our oversight.
The audit objective will be to determine the effectiveness of STB’s information security program, including its performance in five function areas—Identify, Protect, Detect, Respond, and Recover.