Office of Information Technology

Evaluation of EEOC’s Social Media Program

Hire people with specialized expertise to manage the social media program and its assets, specifically a dedicated social media manager and part-time (or contract) graphic designer and multimedia specialist.

Hire people with specialized expertise to manage the social media program and its assets, specifically a dedicated social media manager and part-time (or contract) graphic designer and multimedia specialist.

Evaluation of EEOC’s Social Media Program

Hire people with specialized expertise to manage the social media program and its assets, specifically a dedicated social media manager and part-time (or contract) graphic designer and multimedia specialist

Hire people with specialized expertise to manage the social media program and its assets, specifically a dedicated social media manager and part-time (or contract) graphic designer and multimedia specialist

U.S. Equal Employment Opportunity Commission Federal Information Security Modernization Act of 2014 (FISMA) FY 2019 Performance Audit.

We recommend EEOC OIT review and remediate critical-risk, high-risk, and mediumrisk vulnerabilities in accordance with EEOC OIT's assessment of risk. If the risk is not remediated then we recommend EEOC OIT document the acceptance of the risk.

We recommend EEOC OIT review and remediate critical-risk, high-risk, and medium risk
vulnerabilities in accordance with EEOC OIT's assessment of risk. If the risk is not
remediated then we recommend EEOC OIT document the acceptance of the risk.

U.S. Equal Employment Opportunity Commission Federal Information Security Modernization Act of 2014 (FISMA) FY 2019 Performance Audit.

We recommend EEOC OIT provide specialized training for SharePoint administrators and users to reduce the risk of exposing sensitive information and PII.

We recommend EEOC OIT provide specialized training for SharePoint administrators
and users to reduce the risk of exposing sensitive information and PII.

U.S. Equal Employment Opportunity Commission Federal Information Security Modernization Act of 2014 (FISMA) FY 2019 Performance Audit.

We recommend EEOC OIT conduct a privacy impact assessment of the SharePoint system to identify privacy issues and risks associated with the security settings; and to provide recommendations to mitigate potential privacy risk.

We recommend EEOC OIT conduct a privacy impact assessment of the SharePoint
system to identify privacy issues and risks associated with the security settings; and to
provide recommendations to mitigate potential privacy risk.

Report 2018-004-AOIG - U.S. Equal Employment Opportunity Commission Federal Information Security Modernization Act of 2014 (FISMA) Fiscal Year 2018 Independent Evaluation

U.S. Equal Employment Opportunity Commission Federal Information Security Modernization Act of 2014 (FISMA) Fiscal Year 2018 Independent Evaluation

We recommend the OIT review and remediate critical-risk, high-risk and moderate-risk vulnerabilities. These vulnerabilities should be resolved to avoid compromise to EEOC’s systems; or the Agency should document acceptance of the risk or reclassification of the risk

Report 2016-008-EOIG - Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014 (FISMA)

Report 2016-008-EOIG - Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014 (FISMA)

EEOC OIT should review and analyze critical, high, and medium vulnerabilities. These vulnerabilities should be resolved to avoid compromise of EEOC’s systems; or the agency should document acceptance of the risk or reclassification of the risk.

Report 2017-007-AOIG - Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014

Report 2017-007-AOIG - Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014

EEOC should conduct an e-authentication risk assessment for its digital systems and has not fully implemented multifactor authentication for logical and remote access for privileged and non-privileged users. (Repeat finding since FY 2008)

Report 2017-007-AOIG - Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014

Report 2017-007-AOIG - Independent Evaluation of the U.S. Equal Employment Opportunity Commission’s Compliance with Provisions of the Federal Information Security Modernization Act of 2014

EEOC should develop a Trusted Internet Connection (TIC) program that meets OMB requirements to improve the agency’s security posture.