Veterans Affairs has, for the 16th year in a row, failed a cybersecurity audit for Federal Information Security Management Act (FISMA) compliance, a Federal News Radio report reveals.
The full results of the 2014 audit have yet to be published by the VA inspector general, but Stephen Warren, the VA's CIO, disclosed the information to reporters, FNR said. The announcement was made ahead of a Tuesday House Veterans Affairs Committee hearing, where the department's cybersecurity shortfalls will be examined.
News of the failed audit follows concerning findings last year, where the IG uncovered around 6,000 security vulnerabilities in VA's systems and made 35 recommendations to the agency to remediate the issues. VA's IG did add, however, that through department security efforts, the vulnerabilities found in 2013 were diminished 21 percent.