OIG Questions CFPB on Data Security, Major Management Challenges

On Tuesday, October 4, 2016, the American Banker reported on a memo sent by the Office of the Inspector General (OIG) to the CFPB about the Bureau’s 2016 “Major Management Challenges,” which, according to the memo, included:

 

  1. Ensuring an effective information security program
  2. Ensuring comprehensive policies and procedures are in place and followed
  3. Maturing the human capital program
  4. Managing and acquiring sufficient workspace to support CFPB activities

 

The OIG made the following statement concerning discovery of the CFPB’s information security program: “The CFPB collects and stores sensitive information, including confidential supervisory information and personally identifiable information, to support many of its mission-critical activities…The CFPB, however, has not fully implemented processes within its internal network that would enable the agency to detect and better protect against unauthorized access to and disclosure of its sensitive information and help lower the risk of insider threats.”