U.S. Environmental Protection Agency Office of Inspector General At a Glance 09-P-0185 June 30, 2009 Catalyst for Improving the Environment Why We Did This Review The Office of Inspector General contracted with Williams, Adley & Company, LLP, to conduct the annual audit of the U.S. Environmental Protection Agency's (EPA's) compliance with the Federal Information Security Management Act (FISMA). Williams, Adley & Company, LLP, conducted the network vulnerability testing of the Agency's local area network located at EPA's Great Lakes National Program Office in Chicago, Illinois. Background The network vulnerability testing was conducted to identify any network risk vulnerabilities and present the results to the appropriate EPA officials to promptly remediate or document planned actions to resolve the vulnerability. For further information, contact our Office of Congressional, Public Affairs and Management at (202)566-2391. Results of Technical Network Vulnerability Assessment: EPA's Great Lakes National Program Office What Williams, Adley & Company, LLP, Found Vulnerability testing conducted in May 2009 of EPA's Great Lakes National Program Office network identified Internet Protocol addresses with several high-risk vulnerabilities associated with one device. The Great Lakes National Program Office took immediate action during field work to remediate the vulnerability. Williams, Adley & Company, LLP, conducted a subsequent network scan to confirm that the remedial action resolved the vulnerability. Therefore, we are closing this audit report upon issuance in our audit tracking system. Due to the sensitive nature of the report's technical findings, the full report is not available to the public. ------- |