PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

We recommend that EEOC review and remediate the level 5 severity vulnerabilities identified during internal vulnerability scanning to avoid compromises to agency systems.

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

We recommend that EEOC review and remediate the level 4 severity vulnerabilities identified during internal vulnerability scanning to avoid compromises to agency systems.

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

We recommend that EEOC review and remediate the medium level severity vulnerabilities identified during external penetration testing by:

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

PERFORMANCE AUDIT REPORT U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 (FISMA) FOR THE FISCAL YEAR ENDING SEPTEMBER 30, 2022

We recommend that EEOC implement strong authentication mechanisms for privileged and non-privileged users in accordance with Federal guidance, to meet the required use of PIV or an Identity Assurance Level (IAL)3/Authenticator Assurance Level (AAL) 3 credential of the agency's networks, including rem