USAID actively tracks and monitors any weaknesses in security controls from the prior year audit and prioritizes any deficiencies for remediation in the current year. The Federal Information Security Modernization Act (FISMA) Quarterly Report provides a snapshot of the current year programs, projects, and ongoing initiatives in place to address vulnerabilities identified in the FY 2018 FISMA audit.

The Office of Inspector General (OIG) annually tests a subset of the Agency’s FISMA reportable systems against the catalog of security and privacy controls for federal information systems and organizations contained in NIST SP 800-53 Revision 4, issued by the National Institute of Standards and Technology (NIST). The OIG evaluation of both the NIST controls and IG metrics led to the determination of USAID having an overall effective information security program in FY 2018.

Learn more in the FISMA Quarterly Reporting Update: