HHS IT Security Program “Not Effective,” Says OIG FISMA Audit
- HHS OIG has determined that the department’s IT security program was “not effective” because it did not meet security levels required by the Federal Information Security Modernization Act (FISMA). OIG identified HHS IT security weaknesses in the areas of risk management, configuration management, identity and access management,...