U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Endpoint Protection

Report Information

Date Issued
Report Number
2022-17338
Report Type
Audit
Description
The Office of the Inspector General conducted an audit to determine the effectiveness of endpoint protection on Tennessee Valley Authority’s (TVA) desktops and laptops. We found several areas of TVA’s endpoint protection program to be generally effective; however, we identified two issues that should be addressed by TVA management to further increase the effectiveness. Specifically, we found (1) TVA does not require endpoint protection for all network connections and (2) gaps in TVA policy, procedures, and internal controls. TVA management agreed with our recommendations.
Joint Report
Yes
Participating OIG
Tennessee Valley Authority OIG
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

We recommend the Vice President and Chief Information and Digital Officer, Technology and Information, implement endpoint protection requirements for all network connections on Technology and Information managed desktops and laptops.

We recommend the Vice President and Chief Information and Digital Officer, Technology and Information, implement and/or update policy, procedure, and internal control documentation for endpoint protection.