Review of HHS's Compliance with the Federal Information Security Modernization Act of 2014 (FISMA)
The Federal Information Security Modernization Act of 2014 (FISMA) and OMB Circular A-130, "Managing Information as a Strategic Resource," require that agencies and their contractors maintain programs that provide adequate security for all information collected, processed, transmitted, stored, and/or disseminated in general support systems and major applications. FISMA requires each agency's inspector general to conduct an annual, independent evaluation to determine the effectiveness of the information security program and practices of an agency. We will review HHS's and selected HHS operating divisions' compliance with FISMA. The purpose of this audit is to determine whether HHS's overall information technology security program and practices were effective as they relate to Federal information security requirements.
Announced or Revised | Agency | Title | Component | Report Number(s) | Expected Issue Date (FY) |
---|---|---|---|---|---|
Completed | Office of the Secretary | Review of HHS's Compliance with the Federal Information Security Modernization Act of 2014 (FISMA) | Office of Audit Services | W-00-23-42001; W-00-24-42001 |
2025 |