The Small Business Administration (SBA) has made solid headway in addressing most of its 10 major management and performance challenges, but took a step backward on information technology security, its inspector general reported.
SBA also falls short in verifying data and toughening enforcement to curb the number of large companies that improperly win contracts intended for small businesses, according to a report and score card released Oct. 15.
Noting that recent governmentwide security breaches have “heightened the importance of continuously monitoring networks and software applications,” the IG and an external auditor identified IT security “weaknesses when on-boarding and separating SBA personnel,” the report said. The agency lost ground over the past year in implementing such recommendations as reporting IT security weaknesses, segregating duty controls and assuring that “access controls are in place and operating effectively, and contractors are not granted system access until they have obtained the required background investigations and/or security clearances.”
On the SBA-led governmentwide effort to award 23 percent of all prime contracts to qualified small businesses, the score card provides ammunition to outside critics who argue that too many large firms are siphoning off contract set-asides.
Keep reading this article at: http://www.govexec.com/oversight/2015/10/sba-watchdog-warns-it-security-risks-poor-data-contracting-goals/122919
