GAO: OPM IT Security Still at Risk

August 4, 2017 12:12 PM , Updated August 11, 2017 7:54 AM
View this article online at https://www.fedsmith.com/2017/08/04/gao-opm-security-still-risk/ and visit FedSmith.com to sign up for free news updates

Despite making improvements, the Office of Personnel Management has more work to do to fully safeguard its information security. This is the conclusion from a new Government Accountability Office Report.

OPM suffered two massive data breaches in 2015 that left the fingerprints and personal data of over 25 million current and former federal employees vulnerable. Among the personal data were Social Security numbers and other information from background investigations such as residency and educational history and employment history.

Since that time, OPM has been working to improve its information security based on recommendations made by the United States Computer Emergency Readiness Team (US-CERT).

According to GAO, there were 19 recommendations made, and OPM has completed actions for 11 of the recommendations and taken actions for the remaining 8, with actions for 4 of these 8 requiring further improvement.

“Until OPM completes implementation of government-wide requirements, its systems are at greater risk than they need be,” wrote GAO.

A copy of the report is included below.

GAO Report: OPM Has Improved Controls, but Further Efforts Are Needed

© 2021 Ian Smith. All rights reserved. This article may not be reproduced without express written consent from Ian Smith.

Tags:

About the Author

Ian Smith is one of the co-founders of FedSmith.com. He enjoys writing about current topics that affect the federal workforce.

Top