Wait, don't miss out on the latest GovCon industry news!

Sign Up Now! ExecutiveGov provides you with Daily Updates and News Briefings

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.

x
//

OIG Report: NASA Must Improve Info Security Controls, Contingency Plans

1 min read
NASA
NASA

NASA’s Office of the Inspector General (OIG) has found that the agency failed to implement an enterprise-wide information security program and that it had inaccurate and incomplete security plans for six information systems.

The OIG said in a report that four out of six systems were operating without contingency plans or with outdated plans meant to meet requirements under the Federal Information Security Modernization Act (FISMA).

The report also states that many of NASA’s common controls for information systems were “other than satisfied” and that the Office of the Chief Information Officer (OCIO) is yet to address deficiencies through a system security plan (SSP).

According to the IG, NASA must issue clarifying policy guidances and ensure that agency-wide oversight procedures identify risk assessment operations and corrective actions.

The IG noted that having information systems with outdated or no contingency plans puts the agency “at an unnecessarily high risk” and is "threatening the confidentiality, integrity, and availability of NASA information maintained in those systems."

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology