Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Security Weaknesses Pose Risk to Operations and the Mission of the Substance Abuse and Mental Health Services Administration (SAMHSA)

Issued on  | Posted on  | Report number: A-18-12-30420

Report Materials

09-05-2013

Summary

We reviewed selected information technology (IT) security controls over the Substance Abuse and Mental Health Services Administration (SAMHSA) network management in effect as of June 2012. We assessed the IT security controls for inventory management, patch management, antivirus management, event management, logical access, encryption, web vulnerability management and Universal Serial Bus (USB) port control management.

We found that the IT security controls for SAMHSA, that are owned and managed by the Information Technology Infrastructure and Operations (HHS/ITIO), were inadequate because security protections to be provided to SAMHSA had not been implemented and adequately monitored.

Copies can also be obtained by contacting the Office of Public Affairs at .

Report Type
Audit
HHS Agencies
Substance Abuse and Mental Health Services Administration
Issue Areas
-
Target Groups
-
Financial Groups
-

Notice

This report may be subject to section 5274 of the National Defense Authorization Act Fiscal Year 2023, 117 Pub. L. 263.