Date Issued
Report Number
2008-11964
Report Type
Audit
Description
The Office of the Inspector General's review of TVA's compliance with the Federal Information Security Management Act (FISMA) of 2002 determined that TVA had improved (1) tracking of security weaknesses, remediation actions, and incidents and (2) measures to ensure appropriate personnel complete role-based security training. While TVA continues to make progress in implementing information technology controls required by FISMA, we noted additional controls are needed to improve (1) oversight and evaluation of contractor systems, (2) completing system certifications and accreditations, (3) defining and tracking configuration management metrics, and (4) consideration of e-authentication risks at TVA.
Joint Report
Yes
Participating OIG
Tennessee Valley Authority OIG
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0