The Office of Inspector General (DOT-OIG) is initiating an audit into the security controls for the financial management systems that support CARES Act funding.
The transportation industry has been seriously impacted by the current coronavirus disease pandemic. In March 2020, the President signed the Coronavirus Aid, Relief, and Economic Security (CARES) Act. This law provides emergency assistance and health care responses for individuals, families, and businesses, and emergency appropriations to support executive branch agency operations during the pandemic.
The Federal Transit Administration has received billions in funding appropriated by the CARES Act to provide grants for transit infrastructure to prevent, prepare for, and respond to the pandemic. FTA uses several financial management systems to approve, monitor, and distribute CARES Act funds. In recent months, the number of attacks on federal government information systems has increased through a variety of techniques, including social engineering and spear phishing. These attacks can threaten the operations of FTA’s financial management information systems by affecting system and information confidentiality, availability, and integrity. The Agency is required to select security controls designed to reduce systems’ vulnerability, minimize risk, and meet minimum federal security requirements.
DOT-OIG is therefore initiating this audit to assess the effectiveness of FTA’s financial management systems’ security controls designed to protect the confidentiality, integrity and availability of the systems and their information.