Dept. of Energy IG – The Federal Energy Regulatory Commission's Unclassified Cyber Security Program – 2011

by Sabrina I. Pacifici on November 20, 2011

Evaluation Report – The Federal Energy Regulatory Commission’s Unclassified Cyber Security Program – 2011. OAS-M-12-01 November 2011.

  • “The Commission had taken actions to improve its cyber security posture and mitigate risks associated with certain issues identified during our FY 2010 evaluation. While these measures are noteworthy, our current evaluation disclosed that additional action is needed to further protect information systems and data. In particular, we continued to identify weaknesses related to the Commission’s timely remediation of software vulnerabilities. Specifically, our testing found that additional opportunities existed for the Commission to ensure that all servers and workstations were patched in a timely manner.”
  • Previous post:

    Next post: