The OIG has published a summary of an audit of USMS’s Property and Asset Control Enterprise Solution (PACES) information security program, which found a weakness in one of the seven control areas that needs to be strengthened to ensure that USMS’s PACES and data are adequately protected.
Generally, the auditors, KPMG, found that information security program and practices were consistent with the requirements of the Federal Information Security Modernization Act (FISMA). FISMA assigns responsibilities to federal agencies, the National Institute of Standards and Technology (NIST), and OMB to strengthen federal information system security.
The full audit is classified but the OIG made three recommendations for improving USMS’s PACES, which were presented to USMS management prior to issuance of the report.