Assessment of the Department of State's Connection Approval Process, Independent Validation and Verification Protocol, and System Certification and Accreditation Process (AUD/FM-03-30)

Achieving the Pursuit of Happiness Throu... | Daily Press Briefing | What's New

Office of Inspector General > Library > Audit Reports > Financial Management Audit Reports

Assessment of the Department of State's Connection Approval Process, Independent Validation and Verification Protocol, and System Certification and Accreditation Process (AUD/FM-03-30) - SUMMARY

Beginning in 1977, in its independent auditor’s report on the Department’s financial statements, a contract auditor reported a material weakness related to information system security. The Department stated that two recommended corrective actions for this material weakness would be addressed as part of its process to implement OpenNet Plus, which would constitute a program of system vulnerability and mitigation.

At the direction of the Office of Inspector General, an external systems contractor reviewed the Department’s OpenNet Plus connection approval process, including the independent validation and verification protocol, and the system certification and accreditation process. The systems contractor found that, although the connection approval process was a positive step, it was not sufficient to constitute a program of system vulnerability assessment and mitigation. In addition, the Department had not established a Department-specific certification and accreditation process.

Updates | Frequent Questions | Contact Us | Email this Page | Subject Index | Search
The Office of Electronic Information, Bureau of Public Affairs, manages this site as a portal for information from the U.S. State Department. External links to other Internet sites should not be construed as an endorsement of the views or privacy policies contained therein.
FOIA | Privacy Notice | Copyright Information | Other U.S. Government Information