OPM OIG Audit: Information Systems Controls at APWU Health Plan
What Did We Find? Our audit of the IT security controls of APWUHP determined that: APWUHP has established an adequate security management program. However, there is not a policy requiring role-based training for IT security staff. APWUHP has implemented a variety of physical and logical access controls. However, we noted several areas of concern related…