By: FEDweek Staff
Federal agencies’ implementation of the Federal Information Security Modernization Act “continued to be mostly ineffective” in 2021-2022, GAO has said, with 18 of 23 Cabinet departments and major independent agencies rated as “not effective” in the former year and 15 in the latter.
That 2014 law requires federal agencies to strengthen information security programs, but in a review of agency data and inspector general reports, the GAO found common problems including “management accountability issues and gaps in standards and quality control.”
The report said that while OMB and other entities provide metrics to evaluate FISMA implementation, agencies and IGs say that some of those metrics “are not useful because they do not always accurately evaluate information security programs. Agencies and IGs reported that metrics should be clearly tied to performance goals, account for workforce issues and agency size, and incorporate risk.”
Best practices that agency officials identified to GAO as being effective in implementing FISMA included internal communication, leadership commitment and centralized policies and procedures.
OMB did not take a position on GAO recommendations that it set metrics that address the key causes of ineffective programs.

