Fiscal Year (FY) 2015 Vulnerability Assessment and Penetration Testing

During the financial statement audit, we assessed the PBGC information security infrastructure for technical weaknesses in PBGC’s computer systems that may allow employees or outsiders to cause harm to, and/or impact, PBGC’s business processes and information. Critical and High severity vulnerabilities increased from prior years. Moreover, the agency must better prepare for end‐of‐service‐life transition. This report includes six recommendations. This work was conducted by CliftonLarsonAllen LLP under contract with the OIG.The Office of Inspector General has determined that this report is for official use only. The report detailing the vulnerability assessment has been redacted in its entirety because it contains privileged and confidential information.