GAO: OPM IT Security Still at Risk

View this article online at and visit to sign up for free news updates
By on August 4, 2017 in Agency News with 0 Comments
Image of an unlocked padlock against a circuit board background

Despite making improvements, the Office of Personnel Management has more work to do to fully safeguard its information security. This is the conclusion from a new Government Accountability Office Report.

OPM suffered two massive data breaches in 2015 that left the fingerprints and personal data of over 25 million current and former federal employees vulnerable. Among the personal data were Social Security numbers and other information from background investigations such as residency and educational history and employment history.

Since that time, OPM has been working to improve its information security based on recommendations made by the United States Computer Emergency Readiness Team (US-CERT).

According to GAO, there were 19 recommendations made, and OPM has completed actions for 11 of the recommendations and taken actions for the remaining 8, with actions for 4 of these 8 requiring further improvement.

“Until OPM completes implementation of government-wide requirements, its systems are at greater risk than they need be,” wrote GAO.

A copy of the report is included below.

GAO Report: OPM Has Improved Controls, but Further Efforts Are Needed

© 2020 Ian Smith. All rights reserved. This article may not be reproduced without express written consent from Ian Smith.


About the Author

Ian Smith is one of the co-founders of He enjoys writing about current topics that affect the federal workforce.