U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Power Generation Facility Cyber Security

Report Information

Date Issued
Report Number
2015-15286
Report Type
Audit
Description
The OIG audited cyber security at a power generation facility to determine (1) the adequacy of physical and environmental controls, logical security controls, network infrastructure controls, and general controls such as backup and recovery, change control, and incident response, and (2) compliance with the Maritime Transportation Security Act (MTSA). In summary, we found opportunities for improvement in the areas of (1) physical access and environmental controls, (2) logical access controls, (3) network infrastructure controls, and (4) general controls. Additionally, during our review of MTSA requirements, we found no issues with compliance. Lastly, we identified no control weaknesses during our testing of (1) a sample of business network laptops, desktops, and servers, (2) wireless access points, and (3) modems. TVA management generally agreed with our findings and recommendations.(Summary Only)
Joint Report
Yes
Participating OIG
Tennessee Valley Authority OIG
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

No recommendations at this time.