U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Final Report - Evaluation of the Commission's FY 2025 FISMA - OA-2025-04

Report Information

Date Issued
Report Number
OA-2025-04
Report Type
Inspection / Evaluation
Description
The Office of Inspector General engaged the independent public accounting firm Harper, Rains, Knight, & Company, P.A. (HRK) to conduct the annual Federal Information Security Modernization Act (FISMA) evaluation and complete the FY 2025 Inspector General (IG) FISMA Reporting Metrics.   The objective of the evaluation was to assess the effectiveness of the Commission's information security program and practices for FY 2025.  HRK determined the Commission’s maturity levels were consistently implemented and its information security program and practices were effective. HRK identified one new finding with three corresponding recommendations.
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

Review the installed applications on all issued laptops/desktops/endpoints to ensure no unauthorized software is present and take appropriate action if unauthorized software is present.

Review the Commission’s "user" setting population to ensure each "user" is properly configured in compliance with Commission's approved Group Policy Objectives (GPO). Make the appropriate corrections to user configurations, as appropriate.

Review and update Active Directory settings and Microsoft Defender and Intune policies to ensure unauthorized software cannot be installed.