SSA should keep a close eye on computer access, IG says

Overall SSA systems compliant with FISMA

The Social Security Administration needs to be more vigilant in controlling employees access to the agency's systems, according to a new audit.

The auditors examined SSA’s compliance with the Federal Information Security Management Act (FISMA) in fiscal 2009. Overall, the agency passed the test, generally fuflilling federal requirements, according to the audit released by SSA Inspector General Patrick O’Carroll.

“Our FY 2009 FISMA evaluation determined that SSA generally complied with FISMA; however, some improvements are needed,” the IG's office concluded.

The audit by the inspector general noted a “significant deficiency” in internal financial controls because the SSA did not continually assess individuals’ access to the agency’s mainframe computer data.

However, that deficiency did not rise to the level of a significant deficiency as defined under FISMA because the SSA has other controls in place, including intrusion detection systems, closed circuit television, automated systems checks, configuration management and firewalls, the report said.

The IG also reviewed concerns raised in previous audits of FISMA at the agency, and recommends that the SSA continue to implement recommendations from those previous reports.

The agency is evaluating the report, Dorothy Clark, a press officer for the agency, said today. “ The Inspector general made several recommendations that the agency is considering,” she said in a statement.

In a separate report, the IG recently outlined major management challenges at the SSA, including challenges in upgrading its IT systems. Specifically, the agency faces certain obstacles in carrying out its planned replacement of its data center. 


About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.