View PDF Document

Summary

The Office of Inspector General (OIG) is initiating an audit of the Department of Transportation’s (DOT) information management practices for the protection of personally identifiable information (PII). The audit is mandated by the 2008 amendments to Section 522 of the Fiscal Year 2005 Transportation, Treasury, Independent Agencies, and General Government Appropriations Act. OIG has contracted with CliftonLarsonAllen LLP, an independent public accounting firm, to conduct this review subject to OIG’s oversight. The audit objectives are to determine whether: (1) DOT has established adequate procedures for the collection, use, and security of PII; (2) DOT ensures compliance with its own privacy and data protection policies and applicable laws and regulations to prevent unauthorized access to or unintended use of PII; and (3) DOT’s operating administrations properly evaluate the necessity of using PII to process system data.