Memorandum U S Department of Transportation Office of the Secretary of Transportation Office of Inspector General Subject From INFORMATION Audit Announcement – Effectiveness of DOT’s Cyber Security Incident Handling and Response Department of Transportation Project No 15F3001F000 Louis C King Assistant Inspector General for Financial and Information Technology Audits Date Reply to Attn of January 22 2015 JA-20 To DOT Chief Information Officer Federal Aviation Administration Chief Information Officer Computer security incidents range from computer viruses to attempted intrusions into networks Incidents can result in system malfunctions and the loss theft or alteration of agency data including personally identifiable information In fiscal year 2014 the Department of Transportation reported over 2 200 cybersecurity incidents Due to the risks posed by this high volume of incidents we are initiating an audit of DOT’s computer security incident response program This audit will also support our annual Federal Information Security Management Act audit Our audit objectives are to determine if DOT has 1 effective cyber security monitoring in place for its networks and information systems 2 an effective process to detect cyber incidents affecting agency systems and 3 established management practices that reasonably contain eradicate and report those cyber incidents We plan to start this audit in January and will conduct it at DOT’s Headquarters in Washington DC the Cyber Security Management Center and other locations We will contact your audit liaison to schedule an entrance conference If you have any questions or need additional information please contact me at 202-366-1407 or Nathan Custer Program Director at 202 366-5540 # cc DOT Audit Liaison M-1 FAA Audit Liaison AAE-001