Page 43 - Financial Report 2020
P. 43

PRIVACY	AND	CIVIL	LIBERTIES	OVERSIGHT	BOARD






               Financial	 Management	 –	 The	 Board	 will	 continue	 to	 further	 strengthen	 the	 agency’s
               financial	management	capabilities	in	the	upcoming	fiscal	year,	with	specific	focus	on	the
               following	activities:

                   Ø  Continuing	 to	 undergo	 regular	 external	 and	 internal	 audits,	 using	 any	 findings	 or
                       recommendations	 to	 further	 refine	 internal	 controls	 and	 improve	 accounting
                       practices;
                   Ø  Continuing	 to	 use	 shared	 service	 providers	 to	 execute	 non-mission	 activities	 and
                       periodically	 reviewing	 those	 arrangements	 to	 ensure	 optimal	 performance,
                       responsiveness,	and	value	for	taxpayer	dollars	over	the	long	term;	and
                   Ø  Continuing	 to	 conduct	 agency-wide	 planning	 that	 is	 linked	 and	 responsive	 to	 the
                       budget	process.

               Information	 Technology	 Systems	 and	 Cybersecurity	 -	 In	 FY	 2021,	 the	 Board’s
               information	 technology	 (“IT”)	 staff	 will	 remain	 focused	 on	 strengthening	 the	 agency’s
               cybersecurity	posture	while	implementing	tools	and	strategies	to	respond	to	the	COVID-19
               pandemic	 work	 environment.	 In	 addition,	 the	 Board	 will	 continue	 to	 leverage	 shared-
               service	providers	and	contractor	support	to	enhance	its	boundary	protection.

               For	 FY	 2021	 and	 leading	 into	 FY	 2022,	 the	 Board	 will	 continue	 to	 focus	 its	 efforts	 on
               complying	with	federal	standards	and	OMB’s	Cross-Agency	Priority	Goals	for	cybersecurity.
               These	goals	include	managing	asset	security,	protecting	networks	and	data,	and	limiting
               personnel	access.	The	Board’s	IT	staff	will	implement,	maintain,	and	document	technical
               controls	to	comply	with	FISMA	requirements.

               Protecting	Classified	and	Sensitive	Information	–	The	Board	will	remain	focused	on	the
               protection	 of	 classified	 information	 to	 achieve	 the	 highest	 standards	 of	 security	 for	 the
               Board’s	cleared	personnel,	physical	space,	and	classified	systems.	This	includes	continuing
               the	implementation	of	its	Trusted	Access	Program	and	Controlled	Unclassified	Information
               policy	to	maintain	the	agency’s	robust	self-inspection	program,	which	ensures	appropriate
               derivative	classification.
               The	Board	plans	to	further	strengthen	its	cybersecurity	by:

                   Ø  Leveraging	 the	 Board’s	 recently	 concluded	 FISMA	 audit	 to	 further	 refine
                       cybersecurity	 practices,	 policies,	 and	 documentation,	 and	 conduct	 annual	 FISMA
                       audits	in	FY	2021	and	beyond;

                   Ø  Continuing	 to	 implement	 the	 Cybersecurity	 Cross-Agency	 Priorities,	 including
                       continuous	monitoring,	anti-phishing	defenses,	and	malware	defenses;

                   Ø  Training	 staff	 on	 cybersecurity,	 counterintelligence,	 and	 physical	 security	 threats;
                       and
                   Ø  Ensuring	compliance	with	supply	chain	risk	management	to	sustain	the	protection
                       of	systems.




                                                                    FY	2020	AGENCY	FINANCIAL	REPORT           34
   38   39   40   41   42   43   44   45   46   47   48