NMB Needs to Implement Recommendations for Information Security

cybersecurity chip AI

The National Mediation Board (NMB) has not yet fully implemented several Government Accountability Office (GAO) recommendations including those involving information privacy and information security.

According to a new report, NMB has made steps toward implementing these recommendations, such as developing strategies to reduce its backlog of arbitration cases, but hasn’t developed a plan to complete the work.

The report also found that NMB did not “effectively manage and oversee its appropriations” and lacks internal controls to do so. Additionally, NMB struggles to consistently follow its audit policies.

“NMB officials said the agency needed its full funding to address various agency priorities, such as hiring information technology specialists, but NMB did not use all of its funding for fiscal years 2016 through 2019, leaving a total of more than $4 million unobligated from those years; those funds are not available to NMB for new obligations,” the report said.

GAO has made four recommendations for NMB for it to meet its goals. The four recommendations include:

  1. Document authorizations for NMB’s use of cloud services approved through FedRAMP and submit those authorizations to the FedRAMP Program Management Office.
  2. Update security policies and procedures to include FedRAMP’s authorization requirements.
  3. Develop a written plan to document the process for reviewing and monitoring NMB’s annual appropriation to ensure efficiently used funds.
  4. Establish a process for NMB to monitor and evaluate its adherence to audit protocols and implementation of actions to address audit recommendations.
Jordan Smith
About Jordan Smith
Jordan Smith is a MeriTalk Staff Reporter covering the intersection of government and technology.

Categories

Recent