Search

-A A +A
skip-to-content
DOT Had Major Success in PIV Implementation, But Problems Persist In Other Cybersecurity Areas
This report presents the results of our annual audit of DOT’s information security program and practices required by the Federal Information Security Management Act of 2002 (FISMA), as amended.
Library Item
Date: 11.05.2015
PDF icon FISMA FY 2015 FOUO Redacted.pdf
DOT's Information Security Program
During FY 2006, the Department made noticeable improvement in tracking, prioritizing, and correcting security weaknesses - a major concern identified last year.
Library Item
Date: 10.23.2006
PDF icon DOT_FISMA_Oct_20_FINAL_web-ready.pdf
Cybersecurity Planning Weaknesses May Hinder the Efficient Use of Future Resources
In its fiscal year 2011 budget request, DOT’s Office of the Chief Information Officer (OCIO) requested $30 million to close the Department’s most serious cybersecurity gaps.
Library Item
Date: 08.07.2017
PDF icon DOT Cybersecurity Funding Final Report^8-7-17.pdf
Quality Control Review of Controls over DOT's Protection of Privacy Information
We conducted a quality control review of an audit, performed by CliftonLarsonAllen LLP, of the DOT’s practices for the protection of personally identifiable information (PII).
Library Item
Date: 06.05.2014
PDF icon QCR of DOT Privacy Protections.pdf
Improvements Increase DOT’s Compliance With the Reducing Over-Classification Act
Information security is a top priority for the Department of Transportation (DOT) and other Federal agencies and requires accurate and accountable application of classification standards.
Library Item
Date: 11.07.2016
PDF icon ROCA Final Report.pdf
Quality Control Review of Controls Over the Enterprise Services Center
On October 1, 2009, we issued our final report on the general, application, and operational controls over the DOT Enterprise Services Center. OIG hired a CPA firm to perform this review in accordance with the Statement of Auditing Standard No.
Library Item
Date: 10.01.2009
PDF icon FY2009_SAS_70final_10-01-2009l_(5).pdf
DOT Does Not Fully Comply With Requirements of the Reducing Over-Classification Act
On September 19, 2013, we issued our report entitled DOT Not Fully Complying with Requirements of the Reducing Over-Classification Act.  Our objectives were to (1) determine whet
Library Item
Date: 09.23.2013
PDF icon Reducing Overclassification Act compliance report.pdf
Multiple DOT Operating Administrations Lack Effective Information System Disaster Recovery Plans and Exercises
The Department of Transportation (DOT) relies on more than 450 information systems, many of which provide fundamental capabilities for keeping the Nation’s transportation system safe and operational.
Library Item
Date: 03.03.2016
PDF icon DOT Disaster Recovery Plans and Exercises Final Report^3-3-16.pdf
DOT Does Not Have An Effective Enterprise Architecture Program For Management Of Information Technology Changes
On April 17, 2012, we issued a report on the results of our audit of DOT’s enterprise architecture (EA) program.
Library Item
Date: 04.17.2012
PDF icon DOT Enterprise Architecture.pdf

Pages