Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
EAC OIG, through the independent public accounting firm of Brown & Company, CPAs, audited EAC's fiscal year 2019 compliance with the requirements of the Federal Information Security Modernization Act of 2014.
We recommend EAC OIT conduct physical inventory annually to the level of information deemed necessary for effective accountability of inventory specifications that include physical location, component owners, manufacturer, device type, model and serial...
We recommend the EAC OIT prioritize and implement the use of multifactor authentication for network access for privileged accounts.
We recommend EAC OIT implement a SCAP tool to help maintain an up-to-date, complete, accurate and readily available view of configuration settings for all information components connected to the agency's network.
We recommend EAC OIT develop an annual specialized training schedule that identifies individuals who need training. The training program should include training objectives, specific appropriate training to ensure IT staff gains specific knowledge, skills...
EAC OIT should track the training schedule to ensure individuals receive assigned training according to the agency's policy.