GAO Finds Congressional Workforce Rights Office Must Improve Cybersecurity
The Office of Congressional Workplace Rights hasn’t incorporated “key cybersecurity management practices into the planning for its Secure Online Claims Reporting and Tracking E-filing System (SOCRATES) project,” GAO reported Tuesday. The independent office drafted a schedule for the project but…
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
“did not finalize and use this schedule to manage cybersecurity activities, such as the time frames for conducting information technology (IT) system security assessments. In addition, the office did not document project cybersecurity risks, such as the office’s reliance on external parties to implement responsibilities on its behalf.” GAO found those “weaknesses were due, in part, to a lack of policies and procedures for IT project planning,” which will continue to hamper OCWR’s IT projects until it begins establishing and implementing those policies. OCWR told GAO it’s “in the process of revising our IT systems project planning to ensure the development and implementation of policies and procedure incorporating key cybersecurity activities.”