“We performed this audit as a follow-up to a September 2015 Office of Inspector General (OIG) investigation regarding United States Secret Service (USSS) employees improperly accessing and distributing sensitive information onthe agency’s Master CentraIndex (MCI) mainframe system. Our objective was to determine whether adequate controls and data protections were in place on systems to which MCI information was migrated…What We Found – USSS did not have adequate protections in place on systems to which MCI information was migrated. USSS information technology (IT) management was ineffective, including inadequate system security plans, systems with expired authorities to operate, inadequate access and audit controls, noncompliance with logical access requirements, inadequate privacy protections, and over-retention of records.”
Sorry, comments are closed for this post.