IAF Generally Implemented an Effective Information Security Program for Fiscal Year 2021 in Support of FISMA

Audit Report
Report Number
A-IAF-22-002-C

We contracted with the independent certified public accounting firm of RMA Associates LLC (RMA) to conduct an audit of the Inter-American Foundation’s (IAF’s) information security program for fiscal year 2021 as required by the Federal Information Security Modernization Act of 2014 (FISMA). The audit firm concluded that IAF generally implemented an effective information security program, which was defined as having an overall mature program based on the fiscal year 2021 inspector general FISMA reporting metrics. Nevertheless, RMA identified weaknesses in all nine FISMA reporting metric domains. We made nine recommendations to address these weaknesses and further strengthen IAF’s information security program.

Recommendations