PBGC Needs to Strengthen Oversight Controls Between CORs and Other Technical Personnel
PBGC Needs to Strengthen Oversight Controls Between CORs and Other Technical Personnel
Ensure CORs formally appoint technical monitors for overseeing the contractors and include in the appointment letter a detailed description of the monitoring responsibilities.
Ensure CORs formally appoint technical monitors for overseeing the contractors and include in the appointment letter a detailed description of the monitoring responsibilities.
For IPT procurements including the Agile method, ensure IPT team members who participate in contractor oversight receive appropriate training on their roles and responsibilities.
For IPT procurements including the Agile method, ensure IPT team members who participate in contractor oversight receive appropriate training on their roles and responsibilities.
Develop IPT processes and procedures for overseeing contractors to include integration of key roles into the procurement oversight process according to the Quality Assurance Surveillance Plan standards.
Develop IPT processes and procedures for overseeing contractors to include integration of key roles into the procurement oversight process according to the Quality Assurance Surveillance Plan standards.
Internal Controls Must Be Strengthened to Promote Procurement Integrity
Internal Controls Must Be Strengthened to Promote Procurement Integrity
Develop and implement a mechanism in an electronic system to ensure that contract actions that require legal reviews according to PBGC policy receive these reviews and that disagreements with legal sufficiency comments are communicated to OGC.
Develop and implement a mechanism in an electronic system to ensure that contract actions that require legal reviews according to PBGC policy receive these reviews and that disagreements with legal sufficiency comments are communicated to OGC.
Pension Benefit Guaranty Corporation FY 2023 Federal Information Security Modernization Act of 2014 Report
Pension Benefit Guaranty Corporation FY 2023 Federal Information Security Modernization Act of 2014 Report
Software that is no longer supported or receiving regular security updates from the vendor should be upgraded to supported versions with relevant security patches.
Software that is no longer supported or receiving regular security updates from the vendor should be upgraded to supported versions with relevant security patches.
Fiscal Year 2020 Financial Statement Audit Management Letter Report
Fiscal Year 2020 Financial Statement Audit Management Letter Report
Conduct experience study over for theSpouse age difference for seriatim andphase out liability for unlocatable missingparticipant assumptions.
Conduct experience study over for theSpouse age difference for seriatim andphase out liability for unlocatable missingparticipant assumptions.
Fiscal Year 2025 Financial Statement Audit Management Letter Report
Fiscal Year 2025 Financial Statement Audit Management Letter Report
Due to the sensitive nature of the findings and recommendations in this report, its disclosure has been restricted.
Due to the sensitive nature of the findings and recommendations in this report, its disclosure has been restricted.
Due to the sensitive nature of the findings and recommendations in this report, its disclosure has been restricted.
Due to the sensitive nature of the findings and recommendations in this report, its disclosure has been restricted.
Fiscal Year 2025 Pension Benefit Guaranty Corporation Federal Information Security Modernization Act of 2014 (FISMA) Independent Performance Audit
Fiscal Year 2025 Pension Benefit Guaranty Corporation Federal Information Security Modernization Act of 2014 (FISMA) Independent Performance Audit
We recommend PBGC management to coordinate with its CSP to update its service agreement and shared responsibility matrix to address ambiguities regarding accountable parties for key controls and develop and implement a contingency plan for the system.
We recommend PBGC management to coordinate with its CSP to update its service agreement and shared responsibility matrix to address ambiguities regarding accountable parties for key controls and develop and implement a contingency plan for the system.
Periodically monitor the satisfaction of the system risk assessment and POA&M creation requirements to help ensure ongoing compliance associated with the timely completion of and updates to system risk assessments and documentation and tracking of…
Periodically monitor the satisfaction of the system risk assessment and POA&M creation requirements to help ensure ongoing compliance associated with the timely completion of and updates to system risk assessments and documentation and tracking of…