State Department OIG Highlights Shortcomings in Information Security Efforts

The Department of State’s internal watchdog has identified security flaws in its information security program across eight different metrics, including risk management, identity and access management, data protection and privacy, continuous monitoring and contingency planning. According to the Office of the Inspector General, the weaknesses indicate that the agency has yet to fully develop and implement enough measures to safeguard data.

The OIG’s findings are part of a September audit and published in a report on management and performance challenges for fiscal year 2022, FCW reported Monday.

State Department officials maintained in a response included in the review that the agency has taken steps to adhere to regulations and improve its overall cybersecurity posture. They also highlighted efforts to address favoritism in appointments to foreign service promotion boards, including a revamp of the hiring process. A May report by the OIG concluded that employees at the Bureau of Global Talent Management’s performance evaluation office awarded positions to relatives and close associates.

In August 2021, the watchdog noted that the State Department failed to implement recommendations to improve how it allocates funds for information technology systems. A separate OIG report from July of that year highlighted deficiencies in the agency’s financial management and procurement IT systems.