U.S. Environmental Protection Agency Office of Inspector General At a Glance 09-P-0053 December 9, 2008 Catalyst for Improving the Environment Why We Did This Review The Office of Inspector General contracted with Williams, Adley & Company, LLP, to conduct the annual audit of the U.S. Environmental Protection Agency's (EPA's) compliance with the Federal Information Security Management Act (FISMA). Williams, Adley & Company, LLP, conducted the network vulnerability testing of the Agency's local area network located at EPA's Radiation and Indoor Environments National Laboratory in Las Vegas, Nevada. Results of Technical Network Vulnerability Assessment: EPA's Radiation and Indoor Environments National Laboratory What Williams, Adley & Company, LLP, Found Vulnerability testing of EPA's Radiation and Indoor Environments National Laboratory (R&IEN) network identified Internet Protocol addresses with medium-risk vulnerabilities. The R&IEN Laboratory has taken appropriate actions to resolve the network vulnerabilities under their control. Therefore, we are closing this audit report upon issuance in our audit tracking system. However, we made recommendations in a separate audit report to the Director of the National Computer Center to resolve the open vulnerabilities for information technology assets under their control. Due to the sensitive nature of this early warning report's technical findings, the full report is not available to the public. Background The network vulnerability testing was conducted to identify any network risk vulnerabilities and present the results to the appropriate EPA officials to promptly remediate or document planned actions to resolve the vulnerability. pic vu For further information, contact our Office of Congressional, Public Affairs, and Management at (202)566-2391. ------- |