Documents/MSPB/3: Organizational Excellence/3.2: IT/Indicator:4

Indicator: 3.2.d

[Qualitative::Output]

Measurements in/of Compliance - Comply with information management regulatory requirements.

Relationships:

Type Actual Actual Actual Actual Target Actual Target
StartDate 2005-10-01 2006-10-01 2007-10-01 2008-10-01 2009-10-01 2009-10-01 2010-10-01
EndDate 2006-09-30 2007-09-30 2008-09-30 2009-09-30 2010-09-30 2010-09-30 2011-09-30
Units
Description Comply with information management regulatory requirements. Federal Information Security Management Act (FISMA) compliance was reviewed by an outside contractor and the final FISMA report was submitted to OMB; 100% of MSPB employees completed annual security awareness training; remained in full compliance with FISMA, HSPD-12, and IPv6 (Internet Protocol Version 6). Complied with FISMA including 100% of MSPB employees completing security awareness training, completion of FISMA security audit, and submission of annual FISMA report. Complied with requirements for e-Gov Act, IPv6, TIC (Trusted Internet Connections), Networx, and FDCC (Federal Desktop Core Configuration). Began tracking FISMA Plan of Action and Milestones tasks on a weekly basis and continued to work with auditors on the FISMA report as the deadline was postponed by OMB due to new reporting requirements. To minimize vulnerabilities from further virus attacks, servers were established at Headquarters, the regions, and field offices to download and apply Microsoft patches, all PCs and servers were upgraded to the Symantec latest antivirus client version, and servers were programmed to push virus definition files to all PCs and servers on a daily basis. Potential disaster recovery sites were visited and we obtained a commitment from one site to host MSPB servers. Other activities included the Networx transition and its associated statement of work, TIC (Trusted Internet Connections), and DNSSEC (Domain Name Service Security). Comply with information management regulatory requirements. We continued to comply with IT regulatory requirements including FISMA, and information security awareness training. We are voluntarily complying with the Open Government Directive as we focus on improving transparency. Conformed with all information regulatory requirements including the Open Government Directive, posting data sets on data.gov, transitioning to Networx, responded to Data Center Consolidation Initiative, performed 508-comliance testing, submitted all FISMA reports on time through CyberScope, completed 19 of 26 POAMs (plan of action milestones) tasks. Completed projects to strengthen or improve firewall protection, virus scanning and protection, data security and availability, and increase the number of secure, remote connections to the network. All MSPB employees completed Annual Information Security Awareness training. Comply with information management regulatory requirements.

Content