Audit of USAID/West Bank and Gaza's Partner Vetting and Geo-Management Information Systems (Executive Summary)
Sign inINSPECTOR GENERAL’S OFFICE
The audit of USAID/West Bank and Gaza's Partner Vetting and Geo-Management Information Systems was conducted by the Regional Inspector General/Cairo as part of the fiscal year 2013 audit plan.
2014 · 3 pages

Abstract
The objective of the audit was to determine whether USAID/West Bank and Gaza implemented minimum security controls to protect the confidentiality, integrity, and availability of three critical information systems: the Partner Vetting System, Partner Vetting System Nongovernmental Organization Portal, and Geo-Management Information System. The audit found that USAID/West Bank and Gaza has implemented some security controls for all three systems, but weaknesses were identified in other security control areas that require improvement. The audit results led to 37 recommendations to help USAID/West Bank and Gaza and USAID/Office of Security strengthen their information security program. Management decisions were made on all 37 recommendations, and final action was taken on 7 of them. The Federal Information Security Management Act of 2002 (FISMA) requires agencies to implement an agency-wide information security program to protect their information and information systems. In response to FISMA requirements, the National Institute for Standards and Technology (NIST) developed Federal Information Processing Standards (FIPS) 200 and FIPS 199 to ensure compliance with FISMA. NIST also established guidelines in its Special Publication 800-53 for selecting and specifying security controls for organizations and information systems. The audit was conducted in accordance with the NIST requirements, and the results indicate that USAID/West Bank and Gaza has made progress in implementing security controls for the three critical information systems. However, further improvements are needed to ensure the confidentiality, integrity, and availability of these systems. The audit's findings and recommendations are intended to help USAID/West Bank and Gaza strengthen its information security program and ensure compliance with FISMA requirements. The audit's recommendations are focused on improving security controls for the Partner Vetting System, Partner Vetting System Nongovernmental Organization Portal, and Geo-Management Information System. The recommendations aim to address weaknesses in areas such as access controls, incident response, and security awareness training. By implementing these recommendations, USAID/West Bank and Gaza can enhance the security of its information systems and ensure the confidentiality, integrity, and availability of its critical data.
Connected topics
Classification
2021USAID DEC