Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

SSA's Compliance with the Federal Information Security Management Act of 2002 for Fiscal Year 2013

November 27, 2013

The OIG and Grant Thornton assessed the effectiveness of SSA’s information security policies, procedures, and practices on a representative subset of the Agency’s information systems by leveraging work performed as part of the financial statement audit and through performance of additional testing procedures as needed. We determined whether SSA’s overall information security program and practices were effective and consistent with the requirements of the Federal Information Security Management Act (FISMA) and other applicable regulations, standards, and guidance applicable during the audit period.

We determined that SSA had established an overall information security program and practices that were generally consistent with FISMA requirements. However, weaknesses in some of the program’s components limited the overall program’s effectiveness to adequately protect the Agency’s information and information systems. We concluded that these weaknesses constituted a significant deficiency under FISMA. Read the full report

Read the summary report

Looking for U.S. government information and services?