“The recent intrusions into U.S. Office of Personnel Management (OPM) systems that house personnel and background investigation data for Federal employees and other individuals have raised questions about the security of OPM data and the integrity of its Information Technology (IT) assets. Since Director Archuleta arrived at OPM, she has led the agency in taking significant strides to enhance cybersecurity and modernize its IT systems – strides that are in many ways forging new territory and laying groundwork for the rest of government. But recently discovered incidents have underscored the fact that there is clearly more that can and must be done. Government and non-government entities are under constant attack by evolving, advanced, and persistent threats and criminal actors. These adversaries are sophisticated, well-funded, and focused. For that reason, efforts to combat them and improve Federal IT and data security must be constantly improving as well. The following report provides a summary of the actions OPM has taken, those that are currently underway, and those that are planned for the future in order to meet this challenge. Many of these actions are based on recommendations that have been provided by independent experts such as the agency’s Inspector General (IG), the Government Accountability Office (GAO), and other Federal partners. In the coming weeks and months, the agency will continue to consult with Congress, the IG, independent experts inside and outside of government, and others to identify further actions to strengthen cybersecurity and protect its critical IT systems.”