U.S. Environmental Protection Agency
                  Office of Inspector General

                  At  a  Glance
                                                        09-P-0185
                                                     June 30, 2009
                                                            Catalyst for Improving the Environment
Why We Did This Review

The Office of Inspector
General contracted with
Williams, Adley & Company,
LLP, to conduct the annual
audit of the U.S.
Environmental Protection
Agency's (EPA's) compliance
with the Federal Information
Security Management Act
(FISMA).  Williams, Adley &
Company, LLP, conducted the
network vulnerability testing
of the Agency's local area
network located at EPA's
Great Lakes National Program
Office in Chicago, Illinois.
Background
The network vulnerability
testing was conducted to
identify any network risk
vulnerabilities and present the
results to the appropriate
EPA officials to promptly
remediate or document
planned actions to resolve the
vulnerability.
For further information,
contact our Office of
Congressional, Public Affairs
and Management at
(202)566-2391.

Results of Technical Network Vulnerability
Assessment:  EPA's Great Lakes National
Program Office
 What Williams, Adley & Company, LLP, Found
Vulnerability testing conducted in May 2009 of EPA's Great Lakes National
Program Office network identified Internet Protocol addresses with several
high-risk vulnerabilities associated with one device. The Great Lakes National
Program Office took immediate action during field work to remediate the
vulnerability. Williams, Adley & Company, LLP, conducted a subsequent
network scan to confirm that the remedial action resolved the vulnerability.
Therefore, we are closing this audit report upon issuance in our audit tracking
system.


Due to the sensitive nature of the report's technical findings, the full report is not
available to the public.

-------