TSP Gets Lowest Possible Score on Information Security Audit

James48843

From today’s GovExec.com

The agency that administers the federal government’s 401(k)-style retirement program received the lowest of five possible scores on a recent audit to determine its compliance with federal information security standards.

Auditors with the consulting firm Williams Adley examined the information security program of the Federal Retirement Thrift Investment Board, which administers the Thrift Savings Plan, under the Federal Information Security Modernization Act. In the first annual study of FRTIB’s policies, the agency scored a Level 1 in accordance with the law’s fiscal 2017 inspector general reporting metrics, out of a possible five.

Although FRTIB had started a number of initiatives to upgrade its IT infrastructure and cybersecurity in recent years, auditors found those policies to remain primarily “ad hoc” in nature. An effective information security program is scored at Level 4, which includes collection of “quantitative and qualitative measures on the effectiveness of policies, procedures and strategy” at an agency and assessment for what changes are necessary.



More:

TSP Gets Lowest Possible Score on Information Security Audit - Oversight - GovExec.com


 
So what are they spending the multimillion dollars on every year? That also increases every year. I haven't read the monthly meeting minutes in a while but the increases always seemed to be for computer/server/software upgrades.
 
So the article states that "An effective information security program is scored at Level 4". The FRTIB was scored at a Level 1.

"Suzanne Tosini, chief operating officer and acting chief technology officer for the TSP, said the agency is moving forward with plans to implement Williams Adley’s recommendations, and it will strengthen its contractor oversight policies. She provided a roadmap that projects the agency will reach a Level 3 score—“Consistently Implemented”—in fiscal 2019, which would be reflected in the fiscal 2020 audit."

Why are they not trying to get to a Level 4 score instead of "moving forward with plans" and "projects the agency will reach a Level 3 score in fiscal 2019" and the 2020 audit?
 
So the article states that "An effective information security program is scored at Level 4". The FRTIB was scored at a Level 1.

"Suzanne Tosini, chief operating officer and acting chief technology officer for the TSP, said the agency is moving forward with plans to implement Williams Adley’s recommendations, and it will strengthen its contractor oversight policies. She provided a roadmap that projects the agency will reach a Level 3 score—“Consistently Implemented”—in fiscal 2019, which would be reflected in the fiscal 2020 audit."

Why are they not trying to get to a Level 4 score instead of "moving forward with plans" and "projects the agency will reach a Level 3 score in fiscal 2019" and the 2020 audit?
Moving at the speed of government...

 
What's the big deal? The agency handling your background check or security investigation has been hacked, OPM, DOD and likely most federal agencies have been hacked. Your info is out there. The question is can someone start sucking your funds out of your TSP? Relax. They may give you 1 year free credit monitoring. Rest assured a business plan is being formulated to address the problem.

PO
 
Any plan that aims for anything less than level 5 is a failure of leadership. Couple that with the audit revealing a current level 1 and I don't know how these people still have their jobs.
 
What's the big deal? The agency handling your background check or security investigation has been hacked, OPM, DOD and likely most federal agencies have been hacked. Your info is out there. The question is can someone start sucking your funds out of your TSP? Relax. They may give you 1 year free credit monitoring. Rest assured a business plan is being formulated to address the problem.

PO

You got that right, I have had three breaches of my information from working for the government, one from when I was in the army and two from the VA. I have credit monitoring for free but don't feel too good about it.
 