|Title:||Inspection of Information Security at the Southern Oregon Rehabilitation Center and Clinics|
|VA Office:||Office of Information and Technology (OIT)
Veterans Health Administration (VHA)
|Report Author:||Office of Audits and Evaluations
|Report Type:||Information Security Inspection
The VA Office of Inspector General (OIG) conducts information security inspections to assess whether VA facilities are meeting federal security requirements. These inspections focus on four security control areas that apply to local facilities and have been selected based on their levels of risk: configuration management, contingency planning, security management, and access controls. During this inspection, the OIG found deficiencies with configuration management, security management, and access controls.