WASHINGTON (11/29/10)--While the National Credit Union Administration (NCUA) has recently made a significant increase to its 2011 budget to cover increased credit union examinations, its own Office of Inspector General has recommended that the NCUA fix some of its own internal practices by improving its security configuration program. The OIG also recommended that the NCUA improve its contingency planning program for its Federal Information Security Management Act (FISMA) systems in its review of the NCUA’s information systems, security program and controls for compliance with FISMA. The NCUA should also enhance its procedures for ensuring that terminated and inactive user accounts are removed from its systems and implement continuing education requirements for its information technology (IT) employees, the OIG added. The OIG also listed more specific IT-related recommendations for the NCUA, including enhancing the NCUA’s security control assessments, improving its oversight of external service providers and remote access controls, and reviewing its use of Social Security numbers and other personal information. The OIG review credited the NCUA with improving its overall IT security program during the past year. Those improvements included enhancing its policies and procedures, completing e-Authentication risk assessments for its two e-Authentication systems, and completing security control assessments for five of its six FISMA systems. For the full OIG review, use the resource link.