Ensuring an effective information security program remains a top management challenge for the Consumer Financial Protection Bureau, according to a report released last week by agency’s inspector general.
The report noted that while the bureau continues to grow its information security program, it has not fully implemented processes to detect and prevent unauthorized access to its internal network and disclosure of sensitive information. The CFPB should continue to evaluate additional solutions to centralize and automate its IT security monitoring program, protect sensitive information, establish a secure technology infrastructure and assess third-party contractors for compliance with its IT requirements, OIG said.
The agency watchdog also urged the bureau to ensure that comprehensive policies and procedures are in place and followed for all program areas, address workforce development and retention issues and ensure that it has sufficient workspace to support its activities as its headquarters undergoes renovation.