The Department of the Interior received 18 security-related recommendations in a KPMG Federal Information Security Modernization Act (FISMA) audit, which identified several information security risks across the agency.
The audit, released March 13, broadly recognized that DOI has risk management, information system continuous monitoring, incident response, and contingency planning programs.
KPMG found that DOI could improve its configuration management, identify and access management, data protection and privacy, contingency planning, and incident response–particularly in the Bureau of Land Management (BLM) and Bureau of Reclamation (BOR), among its 11 offices.
DOI’s Office of Chief Information Officer will ensure that the bureaus and offices within the department address the deficiencies KPMG found and will track the respective offices’ progress, the report says. The target completion dates for action responding to most of recommendations are by the end of December 2019.