The General Services Administration needs to bolster its efforts to protect against insider threats from current and recently separated employees, a watchdog reported recently.
The GSA inspector general reviewed the agency’s processes to thwart harmful actions from “trusted insiders” to its personnel, facilities, operations and resources. GSA has about 12,000 employees throughout its central office, Federal Acquisition Service, Public Buildings Service, Office of Governmentwide Policy, 11 national staff offices, 11 regional offices and two independent offices. An October 2011 executive order and subsequent policy from November 2012 laid out requirements for agencies’ insider threat programs. In 2014, GSA established its own program (a two-person team that reports to the senior designated official who is the associate administrator of GSA’s Office of Mission Assurance) and in 2017 the National Insider Threat Task Force certified it met the minimum standards. However, the inspector general found some areas of concern since then.
“We found that GSA’s [insider threat program] does not consistently collaborate with other GSA staff offices to gather key threat information proactively and does not communicate insider threat risks and program challenges to the GSA administrator as required,” said the report. “Instead, the [program] senior designated official has taken a reactive approach that leaves GSA susceptible to insider threats.”
Another issue was that after the National Insider Threat Task Force deemed GSA’s insider threat program was at full operational capacity in November 2017, GSA’s insider threat working group disbanded because staff thought it was no longer needed. The group had members from the Office of Human Resources Management, Office of GSA IT, Office of the Chief Financial Officer and Office of Mission Assurance.
Keep reading this article at: https://www.govexec.com/oversight/2021/02/watchdog-says-gsas-insider-threats-program-needs-improvement/172147/