Presentation is loading. Please wait.

Presentation is loading. Please wait.

UI INTEGRITY PROFESSIONAL DEVELOPMENT CONFERENCE Contingency Plans A Federal Perspective.

Published byChristian Mosley Modified over 8 years ago

Similar presentations

Presentation on theme: "UI INTEGRITY PROFESSIONAL DEVELOPMENT CONFERENCE Contingency Plans A Federal Perspective."— Presentation transcript:

1 UI INTEGRITY PROFESSIONAL DEVELOPMENT CONFERENCE Contingency Plans A Federal Perspective

2 Contingency Plans A Federal Perspective Paul Bankes IT Specialist U.S. Department of Labor bankes.paul@dol.gov

3 Contingency Plans A Federal Perspective  Synopsis  History Lesson  DOL OIG Report Risk vs Maturity Table Request for Annual Update – status.  State Quality Service Plan Appendix IV Assurance Signature Page  UIPL 19-10 Supplemental Budget Request.

4  Pre-Y2K  Automation Grants ($20M)  Supplemental Budget Requests ($3+M) Contingency Plans A Federal Perspective  2000 - Government Information Security Reform Act (GISRA), Public Law 106-398  2002 - Federal Information Security Management Act (FISMA), 44 U.S.C. § 3541 22002 – OIG IT Security Audit UI Program Funding

5 Contingency Plans A Federal Perspective  IT / IS SBRs  SBRs (2004 – 2005) 2004 – IT $5,553,448 (72) 2005 s – IT $11,385,494; IS $738,392 (106) Total: $17,677,334  OIG Audits (2003 – 2004)

6 Contingency Plans A Federal Perspective

7  2008: OIG Report (23-08-004-03-315) on SWA IT Contingency Plans  FINDING: While ETA required state workforce agencies (SWAs) to develop and implement IT contingency plans as a condition of their grant agreements, it did not verify that the plans were developed or tested.  Enact a monitoring and review process to verify SWAs develop and test IT Contingency Plans necessary to sustain the UI program; and identify and address any weaknesses found in IT contingency plans.

8 Contingency Plans A Federal Perspective  Grant Agreement?  State Quality Service Plan  Assurance signature for Disaster Recovery Plan

9 Contingency Plans A Federal Perspective  2009: OIG Report (23-09-002-03-315) on SWA IT Contingency Plans  FINDING: ETA did not ensure SWAs’ UI Tax and Benefit Systems’ IT Contingency Plans were reliable.  Conduct annual verification of SWAs’ IT contingency plans for existence and reliability using risk-based approaches that consider the SWAs’ contingency planning maturity and likelihood of disasters.

10 Contingency Plans A Federal Perspective  NIST SP 800-34; “Contingency Planning Guide for Information Technology Systems”; http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf  IT Security CD and Manager’s Paper  Supplied by USDOL.

11 Contingency Plans A Federal Perspective  OIG Report (NIST 1 CP Data Elements) 1 National Institute of Standards and Technology

12 Contingency Plans A Federal Perspective  NIST SP 800-34; “Contingency Planning Guide for Information Technology Systems”; http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf  CD – supplied by USDOL.  State Quality Service Plan (SQSP)  2009 Changes (Appendix IV)  2009 IT Security SBR  IT CP added

13 Contingency Plans A Federal Perspective 1 st 2 nd SBR High Risk Low Risk High MaturityLow Maturity

14 Contingency Plans A Federal Perspective  State Quality Service Plan (SQSP)  (APPENDIX IV) – “INFORMATION TECHNOLOGY SECURITY GUIDELINES” IT Contingency Plan, System Security Plan, and Risk Assessment Templates (NIST Guidance)

15 Contingency Plans A Federal Perspective  State Quality Service Plan (2011)  By signing the SQSP Signature Page, a state certifies that it will comply with the assurance listed in ET Handbook 336, 18th Edition, Change 2, and that the state will institute plans or measures to comply with the requirements.

16 Contingency Plans A Federal Perspective  UIPL 19-10  Unemployment Insurance (UI) Fiscal Year (FY) 2010 Supplemental Funding Opportunities to Improve UI Information Technology (IT) Contingency Plans and UI IT Security  $150,000 (CP and IV&V)  Due May 14, 2010

17 Contingency Plans A Federal Perspective  UI IT Contingency Plan  SWAs must address all the missing key elements in their UI IT Contingency Plan as reported by the OIG  SWAs must utilize the guidelines provided in NIST SP 800-34 to develop the UI IT Contingency Plan;  The UI IT Contingency Plan IV&V must use the guidelines provided in the NIST SP 800-34 to evaluate and certify the UI IT Contingency Plan; and  SWAs must submit a copy of the IV&V certification report to their respective RO upon completion.

18 Contingency Plans A Federal Perspective  IT / IS / CP SBRs  SBRs (2004 – 2009) 2004 – IT $5,553,448 (72) 2005 s – IT $11,385,494; IS $738,392 (106) 2006 s – IT $8,797,185 (112) 2007 – IT $6,008,840 (79) 2009 – IT/CP $9,378,904 (96) Total: $41,862,263 (465) Florida IT Dir. paraphrase  “The SBR process has built a security fortress for UI in the State of Florida”

19 Contingency Plans A Federal Perspective  “Preventing, detecting and recovering overpayments are top priorities for Unemployment Insurance (UI) Program administrators”

20 Contingency Plans A Federal Perspective  The year 2010 marks the 75th Anniversary of the UI Program.  UI has advanced 1935 “Paper and pencil” 2010 “High Speed Automation”  If your current UI system suffers a catastrophic failure; is your response: 1935 or 2010 or 1934?

Download ppt "UI INTEGRITY PROFESSIONAL DEVELOPMENT CONFERENCE Contingency Plans A Federal Perspective."

Similar presentations

FY 2014 EMPG Local Awards Administered by the Office of Homeland Security (OHS).

FY 2014 EMPG Local Awards Administered by the Office of Homeland Security (OHS).
1 NIST, FIPS, and you... Bob Grill Medi-Cal ISO July 16, 2009.

1 NIST, FIPS, and you... Bob Grill Medi-Cal ISO July 16, 2009.
IT Security Law for Federal Agencies As of: 30 December 2002.

IT Security Law for Federal Agencies As of: 30 December 2002.
Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.

Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.
1  AGA-DC and GWSPCA 6 th ANNUAL CONFERENCE OMB Circular A-123, Appendix A Internal Control Over Financial Reporting Innovative Approaches Jerome A. Vaiana.

1  AGA-DC and GWSPCA 6 th ANNUAL CONFERENCE OMB Circular A-123, Appendix A Internal Control Over Financial Reporting Innovative Approaches Jerome A. Vaiana.
Enterprise Continuous Monitoring Program Training Date.

Enterprise Continuous Monitoring Program Training Date.
Internal Controls Protect resources against waste and fraud Ensure accuracy and reliability Secure compliance Evaluate the level of performance in all.

Internal Controls Protect resources against waste and fraud Ensure accuracy and reliability Secure compliance Evaluate the level of performance in all.
Georgia Department of Labor IDENTITY THEFT Presenter: Racquel Robinson.

Georgia Department of Labor IDENTITY THEFT Presenter: Racquel Robinson.
Eta EMPLOYMENT AND TRAINING ADMINISTRATION UNITED STATES DEPARTMENT OF LABOR ETA FY 2006 Budget Request ETA FY 2006 Budget Request February 7, 2005 Jobs.

Eta EMPLOYMENT AND TRAINING ADMINISTRATION UNITED STATES DEPARTMENT OF LABOR ETA FY 2006 Budget Request ETA FY 2006 Budget Request February 7, 2005 Jobs.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Information Technology Audit Process Business Practices Seminar Paul Toffenetti, CISA Internal Audit 29 February 2008.

Information Technology Audit Process Business Practices Seminar Paul Toffenetti, CISA Internal Audit 29 February 2008.
Bureau of Rehabilitation Services (BRS) Department of Rehabilitation Services (DORS) Understanding the State Plan for Vocational Rehabilitation and Supported.

Bureau of Rehabilitation Services (BRS) Department of Rehabilitation Services (DORS) Understanding the State Plan for Vocational Rehabilitation and Supported.
Complying With The Federal Information Security Act (FISMA)

Complying With The Federal Information Security Act (FISMA)
USDA Update: Shaping the Future of CACFP Tina Fritz Namian USDA, FNS.

USDA Update: Shaping the Future of CACFP Tina Fritz Namian USDA, FNS.
What’s Up With WOTC? Guest: Bret Anderson Hosted by: Vaune Shelbourn.

What’s Up With WOTC? Guest: Bret Anderson Hosted by: Vaune Shelbourn.
Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.

Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.
CT Department of Labor UI Revitalization Program IT Capital Investment Request 06/10/2015.

CT Department of Labor UI Revitalization Program IT Capital Investment Request 06/10/2015.
1 Presented By: Dr. Jacob BenusDr. Wayne Vroman Project DirectorPrincipal Investigator July 11-13, 2005 The Reemployment Eligibility Assessment (REA) Study.

1 Presented By: Dr. Jacob BenusDr. Wayne Vroman Project DirectorPrincipal Investigator July 11-13, 2005 The Reemployment Eligibility Assessment (REA) Study.
PREPARING FOR SUPPLEMENTAL MONITORING PERKINS COMPLIANCE Monieca West ADHE Federal Program Manager October 19, 2012.

PREPARING FOR SUPPLEMENTAL MONITORING PERKINS COMPLIANCE Monieca West ADHE Federal Program Manager October 19, 2012.

Similar presentations

Ads by Google