Evaluation of Combatant Commands Communication Challenges with Foreign Nation Partners during the COVID-19 Pandemic and Mitigation Efforts
We plan to begin the subject evaluation in June 2021. The objective of this evaluation is to determine how U.S. Africa Command, U.S. Central Command, U.S. European Command, U.S. Indo-Pacific Command, U.S. Southern Command, and their Component Commands mitigated communication problems with partner nations during the COVID-19 pandemic, document those mitigation strategies, and consider whether these strategies should be employed in future operations where personal interaction is not possible. We may revise the objective as the evaluation proceeds, and we will consider suggestions from management for additional or revised objectives.
The COVID-19 Assistance Information Systems Security Controls
The Office of Inspector General, Audits Division will conduct an evaluation of the COVID-19 assistance information systems security controls. Our objective is to determine what internal controls the organization designed to address third-party contractor system cybersecurity risks caused by COVID-related economic relief transactions.
The Department of Energy's Unclassified Cybersecurity Program - 2021
This review is a culmination of the OIG's work on FISMA as well as additional cybersecurity and technology work performed by the OIG throughout the year. The review this fiscal year includes additional work to address questions raised by members of Congress related to information technology and cybersecurity during the Department of Energy's maximum telework posture.
Evaluation of Third-Party Cybersecurity Risk Management Processes for Vendors Supporting the Main Street Lending Program (MSLP) and the Secondary Market Corporate Credit Facility (SMCCF)
In response to the economic effects of the COVID-19 pandemic, the Board created new lending programs and facilities to provide loans to employers, certain businesses, and communities across the country to support the U.S. economy. To support the implementation of specific programs and facilities, the Federal Reserve Banks have contracted with third-party vendors for various services, such as administrative, custodial, legal, design, and investment management services. These vendors provide data generated from the operations and management of the facilities to the Reserve Banks, who then provide the data to the Board. We plan to evaluate the effectiveness of (1) the risk management processes designed to ensure that effective information security and data integrity controls are implemented by third parties supporting the administration of the MSLP and the SMCCF and (2) select security controls managed by the Reserve Banks for selected systems that process and maintain MSLP and SMCCF data.
We plan to begin the subject evaluation in June 2020. The objective of this evaluation is to determine the extent to which DoD Components provided access to DoD information technology and communications during the COVID-19 pandemic. We may revise the objective as the evaluation proceeds, and we will also consider suggestions from management for additional or revised objectives.
Audit of Contracts for DoD Information Technology Products and Services Procured by DoD Components in Response to the COVID-19 Pandemic
We plan to begin the subject audit in May 2020. The objective of this audit is to determine whether DoD Components used supplemental funding, received in response to the coronavirus–19 (COVID-19) pandemic, to procure IT products and services in accordance with applicable DoD and Federal requirements.