OJP Information Security Management Program Audit - FISMA FY2025

Source: DOJ Inspector General Reports (oig.justice.gov)
Published March 31st, 2026
Detected April 1st, 2026

Summary

The DOJ Office of Inspector General released Report 26-042, an audit of the Office of Justice Programs' (OJP) Information Security Management Program under the Federal Information Security Modernization Act (FISMA) for Fiscal Year 2025. The audit assessed OJP's compliance with federal information security requirements, evaluating risk management, security controls, and incident response capabilities. The report identifies deficiencies in OJP's information security program and provides recommendations for corrective action.

What changed

The DOJ OIG conducted an audit of the Office of Justice Programs' information security management program pursuant to the Federal Information Security Modernization Act of 2014. The audit evaluated OJP's implementation of security controls, risk management frameworks, continuous monitoring, and incident detection and response capabilities. Report Number 26-042 documents findings across multiple FISMA metric areas including risk management strategy, supply chain risk management, and contingency planning.

OJP management is expected to develop and implement corrective action plans addressing the identified deficiencies. While OIG audit recommendations are not legally binding, agencies are expected to either remediate the findings or provide explanations for any disagreements. The audit serves as a compliance assessment for federal information security requirements and may inform future budget and oversight decisions regarding OJP's cybersecurity posture.

What to do next

  1. Review OJP information security findings and assess their applicability to your own agency
  2. Update security controls to address any similar deficiencies identified in the audit
  3. Incorporate FISMA audit findings into annual security assessment processes

Source document (simplified)

Audit of the Office of Justice Programs’ Information Security Management Program Pursuant to the Federal Information Security Modernization Act of 2014, Fiscal Year 2025

Posted Date: March 31, 2026
Report Number: 26-042
Component: Office of Justice Programs
Report Type: Audit

Named provisions

Risk Management; Security Control Assessment; Continuous Monitoring; Incident Response; Configuration Management; Identity and Access Management; Supply Chain Risk Management

Source

Analysis generated by AI. Source diff and links are from the original.

Classification

Agency: DOJ OIG
Published: March 31st, 2026
Instrument: Guidance
Legal weight: Non-binding
Stage: Final
Change scope: Minor
Document ID: Report No. 26-042
Supersedes: OJP Information Security Audit FY2024

Who this affects

Applies to: Government agencies
Industry sector: 9211 Government & Public Administration
Activity scope: Federal Information Security Management; IT Security Auditing; Government Compliance Reporting
Geographic scope: United States (US)

Taxonomy

Primary area: Cybersecurity
Operational domain: Compliance
Compliance frameworks: FISMA; NIST CSF; NIST 800-53
Topics: Federal Information Security; Government Accountability
