U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


FISCAL Year 2023 Federal Information Security Modernization Act Evaluation of AmeriCorps

Date Issued
Report Number
Report Type
Inspection / Evaluation
The fiscal year 2023 FISMA evaluation concluded that AmeriCorps’ information security program remains ineffective, assessed as of July 31, 2023. Control weaknesses in the following areas prevent AmeriCorps’ cybersecurity program from maturing: (1) Inventory management, (2) vulnerability and patch management program, (3) unsupported software, (4) authorization packages, (5) incident response plan, (6) logging and (7) contingency planning. The failure to address critical deficiencies leaves AmeriCorps’ systems and data vulnerable to breach, which may expose sensitive information, including Personally Identifiable Information, unauthorized access, use, and disclosure. Implementing new and open recommendations will help AmeriCorps to mature its information security. AmeriCorps concurred with the 15 new recommendations in our report, which together with the 14 remaining prior year recommendations, will assist AmeriCorps in developing a mature and effective information security program. The full report contains a summary and evaluation of management’s response.
Joint Report
Agency Wide
Questioned Costs
Funds for Better Use

Open Recommendations

No recommendations at this time.