Changeflow GovPing Consumer Protection Civil Rights Division Information Security Mana...
Routine Notice Added Final

Civil Rights Division Information Security Management Program Audit (FISMA)

Favicon for oig.justice.gov DOJ Inspector General Reports
Published April 1st, 2026
Detected April 2nd, 2026
Email

Summary

The DOJ Office of Inspector General issued Audit Report 26-044 examining the Civil Rights Division's information security management program under the Federal Information Security Modernization Act of 2014 (FISMA) for Fiscal Year 2025. The audit identified 4 recommendations for improvement. This is a routine compliance assessment of a federal government component's IT security posture, not an enforcement action.

View original document View source feed page

What changed

The DOJ OIG conducted a FISMA audit of the Civil Rights Division's information security management program for FY 2025, resulting in Report 26-044. The audit assessed the Division's compliance with federal information security requirements and produced 4 audit recommendations aimed at strengthening the program.\n\nFederal agencies and components subject to FISMA should review the audit findings and recommendations for applicability to their own information security programs. While this specific audit applies to the Civil Rights Division, the identified control deficiencies and recommended improvements may reflect broader FISMA compliance trends affecting government agencies. Compliance officers at federal entities should use this report to benchmark their own FISMA implementation and address any similar control gaps in their information security management programs.

What to do next

  1. Review DOJ OIG Report 26-044 for FISMA compliance benchmarking
  2. Assess whether similar control deficiencies identified in the Civil Rights Division audit apply to your agency's program
  3. Update information security policies and controls based on identified FISMA best practices

Source document (simplified)

  1. Home
  2. Reports

Audit of the Civil Rights Division’s Information Security Management Program Pursuant to the Federal Information Security Modernization Act of 2014, Fiscal Year 2025

Read Report
Posted Date

April 1, 2026

Report Number 26-044 Component Other Component Report Type Audit Number of Recommendations 4

Named provisions

Audit of the Civil Rights Division's Information Security Management Program Pursuant to FISMA 2014

Related changes

Favicon for oig.justice.gov Civil Rights Division Security Controls Audit and CRT-JCON System
Routine Apr 02, 2026 DOJ Inspector General Reports Consumer Protection
Favicon for oig.justice.gov FBI Security Controls Audit - FISMA 2025
Routine Apr 01, 2026 DOJ Inspector General Reports Consumer Protection
Favicon for oig.justice.gov FBI Information Security Management Program Audit
Routine Apr 01, 2026 DOJ Inspector General Reports Consumer Protection
Favicon for changeflow.com Cryptographic ownership vouchers for endpoint device onboarding
Routine Apr 02, 2026 ChangeBridge: Patent Apps - Networking (H04L) Telecom & Technology
Favicon for www.cisa.gov Chrome Dawn Use-After-Free Remote Code Execution Vulnerability
Urgent Apr 02, 2026 CISA Known Exploited Vulnerabilities (KEV) Data Privacy & Cybersecurity
Favicon for www.csa.gov.sg Zero-Day Chrome Vulnerability - Immediate Update Required
Urgent Apr 02, 2026 CSA Alerts & Advisories (Singapore) Data Privacy & Cybersecurity

Source

Favicon for oig.justice.gov
DOJ Inspector General Reports oig.justice.gov/reports
Consumer Protection
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
DOJ OIG
Published
April 1st, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Minor
Document ID
Report No. 26-044

Who this affects

Applies to
Government agencies
Industry sector
9211 Government & Public Administration
Activity scope
IT Security Governance Information Security Management
Threshold
Federal agencies subject to FISMA requirements
Geographic scope
United States US

Taxonomy

Primary area
Cybersecurity
Operational domain
Compliance, IT Security
Compliance frameworks
NIST CSF NIST 800-53
Topics
Data Privacy Government Contracting Defense & National Security

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 266 Consumer & Competition 1 Consumer Protection 44 Courts & Legal 358 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 107 Environment 85 Government & Legislation 274 Healthcare 135 Housing 16 Immigration 9 Insurance 58 Labor & Employment 113 Legal & Courts 1 medical-board 1 Pharma & Drug Safety 103 Securities & Markets 104 Tax 65 Tax & Revenue 1 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get Consumer Protection alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when DOJ Inspector General Reports publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.