The Federal Information Security Management Act of 2002 (FISMA) requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support its operations. FISMA requires agency program officials, chief information officers, and offices of inspector general to conduct annual reviews of the agency’s information security program and report the results to the Office of Management and Budget (OMB). The Office of Inspector General (OIG) evaluation is intended to independently assess whether the agency is applying a risk-based approach to their information security programs and the information systems that support the conduct of agency missions and business functions.  The PBGC OIG contracted with Clifton Gunderson LLP an independent public accounting firm to perform the evaluation.  The PBGC OIG reviewed and submitted required information to OMB on November 18, 2009.  The responses contain sensitive information and will not be posted. The PBGC OIG transmittal to OMB, which does not include sesnsitive information is being posted.