Results 1 to 8 of 8

Thread: TSP Gets Lowest Possible Score on Information Security Audit

  1. #1

    Join Date
    Apr 2005
    Posts
    13,675
    Blog Entries
    9

    Default TSP Gets Lowest Possible Score on Information Security Audit

    From today’s
    GovExec.com

    The agency that administers the federal government’s 401(k)-style retirement program received the lowest of five possible scores on a recent audit to determine its compliance with federal information security standards.

    Auditors with the consulting firm Williams Adley examined the information security program of the Federal Retirement Thrift Investment Board, which administers the Thrift Savings Plan, under the Federal Information Security Modernization Act. In the first annual study of FRTIB’s policies, the agency scored a Level 1 in accordance with the law’s fiscal 2017 inspector general reporting metrics, out of a possible five.

    Although FRTIB had started a number of initiatives to upgrade its IT infrastructure and cybersecurity in recent years, auditors found those policies to remain primarily “ad hoc” in nature. An effective information security program is scored at Level 4, which includes collection of “quantitative and qualitative measures on the effectiveness of policies, procedures and strategy” at an agency and assessment for what changes are necessary.



    More:

    TSP Gets Lowest Possible Score on Information Security Audit - Oversight - GovExec.com


    Sent from my iPhone using TSP Talk Forums


  2.  
  3. #2

    Join Date
    Apr 2008
    Location
    Cleveland, Ohio
    Posts
    9,801

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    So what are they spending the multimillion dollars on every year? That also increases every year. I haven't read the monthly meeting minutes in awhile but the increases always seemed to be for computer/server/software upgrades.
    May the force be with us.

  4.  
  5. #3

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    Thank you for posting this James!

  6.  
  7. #4

    Join Date
    Apr 2008
    Location
    Cleveland, Ohio
    Posts
    9,801

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    So the article states that "An effective information security program is scored at Level4". The FRTIB was scored at a Level 1.

    "Suzanne Tosini, chief operating officer and acting chieftechnology officer for the TSP, said the agency is moving forward with plans toimplement Williams Adley’s recommendations, and it will strengthen itscontractor oversight policies. She provided a roadmap that projects the agencywill reach a Level 3 score—“Consistently Implemented”—in fiscal 2019, whichwould be reflected in the fiscal 2020 audit."

    Why are they not trying to get to a Level 4 score instead of "moving forward with plans" and "projects the agency will reach a Level 3 score in fiscal 2019" and the 2020 audit?
    May the force be with us.

  8.  
  9. #5

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    Quote Originally Posted by nasa1974 View Post
    So the article states that "An effective information security program is scored at Level4". The FRTIB was scored at a Level 1.

    "Suzanne Tosini, chief operating officer and acting chieftechnology officer for the TSP, said the agency is moving forward with plans toimplement Williams Adley’s recommendations, and it will strengthen itscontractor oversight policies. She provided a roadmap that projects the agencywill reach a Level 3 score—“Consistently Implemented”—in fiscal 2019, whichwould be reflected in the fiscal 2020 audit."

    Why are they not trying to get to a Level 4 score instead of "moving forward with plans" and "projects the agency will reach a Level 3 score in fiscal 2019" and the 2020 audit?
    Moving at the speed of government...

    Sent from my SM-J727V using Tapatalk
    Rules:
    - Trade what you see, not what you believe
    - Don't put stuff in your signature that a Mod doesn't like

    "Government exists to protect all people’s rights, not some people’s feelings." - A. Barton Hinkle

    Great Tools:
    http://www.CreditKarma.com
    http://www.Mint.com
    http://www.SaveUp.com/r/nmJ

  10.  
  11. #6

    Join Date
    Oct 2008
    Location
    Stinking desert valley of bad air quality, AZ
    Posts
    2,740

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    What's the big deal? The agency handling your background check or security investigation has been hacked, OPM, DOD and likely most federal agencies have been hacked. Your info is out there. The question is can someone start sucking your funds out of your TSP? Relax. They may give you 1 year free credit monitoring. Rest assured a business plan is being formulated to address the problem.

    PO

  12.  
  13. #7

    Join Date
    May 2011
    Location
    Florida
    Posts
    1,215
    Blog Entries
    6

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    Any plan that aims for anything less than level 5 is a failure of leadership. Couple that with the audit revealing a current level 1 and I don't know how these people still have their jobs.

  14.  
  15. #8

    Join Date
    Aug 2011
    Location
    Valatie, NY
    Posts
    185

    Default Re: TSP Gets Lowest Possible Score on Information Security Audit

    Quote Originally Posted by PessOptimist View Post
    What's the big deal? The agency handling your background check or security investigation has been hacked, OPM, DOD and likely most federal agencies have been hacked. Your info is out there. The question is can someone start sucking your funds out of your TSP? Relax. They may give you 1 year free credit monitoring. Rest assured a business plan is being formulated to address the problem.

    PO
    You got that right, I have had three breeches of my information from working for the government, one from when I was in the army and two from the VA. I have credit monitoring for free but don't feel too good about it.

  16.  

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
SPY (C Fund) (delayed)
TSP Gets Lowest Possible Score on Information Security Audit
(Stockcharts.com Real-time)
DWCPF (S Fund) (delayed)
TSP Gets Lowest Possible Score on Information Security Audit
(Stockcharts.com Real-time)
EFA (I Fund) (delayed)
TSP Gets Lowest Possible Score on Information Security Audit
(Stockcharts.com Real-time)
AGG (F Fund) (delayed)
TSP Gets Lowest Possible Score on Information Security Audit
(Stockcharts.com Real-time)