“HHS OIG has determined that the department’s IT security program was “not effective” because it did not meet security levels required by the Federal Information Security Modernization Act (FISMA).”
“OIG identified HHS IT security weaknesses in the areas of risk management, configuration management, identity and access management, data protection and privacy, security training, IT security continuous monitoring, incident response, and contingency planning.”
“In the report, OIG mapped…” Read the full article here.
Source: HHS IT Security Program “Not Effective,” Says OIG FISMA Audit – By Fred Donovan, April 22, 2019. HIT Infrastructure.