|
|
||||||||||||||||||
...
Assessment Title | Schedule | Performed By | ||
|---|---|---|---|---|
Authorizing System Assessments | Was triennial, moving to continuous authorization | Office of the CIO/Cyber Security Program/External Assessors | ||
Peer Review | Every 3-5 years, last assessed in June 2010 | Similar institutions | ||
Data Security of Outsourced Applications | Per IAS Audit Plan | LBNL Internal Audit Services | ||
DOE Financial Statement Audit* | LBNL was selected for FY12. Audit conducted in June 2012. | DOE Inspector General using KPMG | ||
DOE Federal Information Security Act (FISMA) Audit* | LBNL was selected for FY12. Audit conducted in June 2012. | DOE Inspector General using KPMG | ||
DOE IT Vulnerability Assessment* | LBNL was selected for FY12. Audit conducted in June 2012. Does not happen every year, at discretion of DOE IG | DOE Inspector General using KPMG | ||
DOE Federal Information Security Act (FISMA) Audit | Does not happen every year, at discretion of DOE IG | Cyber Security Incident Management Program* | LBNL was selected for FY12. Audit conducted in April 2012. | DOE DOE Inspector General |
Berkeley Site Office Oversight Activities* | Varies | BSO | ||
DOE-HSS Oversight Activities* | Varies | DOE-HSS | ||
LBNL Internal Audit Services | Per IAS Audit Plan | LBNL Internal Audit Services | ||
Management Controls and Compliance Program | Completed by 7/1 (At discretion of OCFO, subset of controls related to IT operations) | LBNL CF | ||
Self-Assessment Risk Assessment | Annually by 10/1 | Office of the CIO/Cyber Security Program | ||
UC Self-Assessment | Annually by 10/1 (when required by UC) | Office of the CIO/Cyber Security Program |
*Assessment occurs at the discretion of oversight entity.
