Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The Information Technology Infrastructure and Operations Office Had Inadequate Information Security Controls

04-27-2015 | Audit (A-18-14-30420) | Complete Report

We assessed the adequacy of the Information Technology Infrastructure and Operations Office�s (ITIO) information security controls at a selection of the Department of Health and Human Services� operating divisions that are managed by ITIO. Specifically, we reviewed controls over inventory management, patch management, antivirus management, event management, logical access, encryption, configuration management, Web vulnerability management, and Universal Serial Bus port control management.

We found that ITIO had not fully implemented or monitored some information security controls.

We recommended that ITIO implement our detailed recommendations to address the specific findings we identified.