FinCEN IT Security & Compliance
Investment ID: 015-000200324
Overview
Program Title
FinCEN IT Security & Compliance
Description
Standard IT Investment for costs associated with IT Security and Compliance. Provides IT security support to include maintaining FinCEN's FISMA-high security posture and supporting Executive Order 14208. (OMB Guidance: An Investment for the provisioning of Security Operations Centers (SOCs) and associated costs in alignment with the TBM IT Security and Compliance Tower).
Type of Program
Standard IT Investments
Multi-Agency Category
Not Applicable
Investment Detail
FinCEN's IT Security Investment supports the confidentiality, integrity and availability of FinCEN's technical environment. The oversight of activities required to maintain the Authorized to Operate (ATO) status for FinCEN systems to include the performance of all core FISMA compliance activities (e.g.,Security Assessment and Authorizations (SA&As), independent Annual Security Assessments, annual security awareness training and contingency plan testing) comprise this investment. The return on investment (ROI) reflects qualitative as well as some estimated quantitative benefits (e.g., the per record cost of government data breach). The qualitative benefits of this investment are the implementation and maintenance of secure access, data integrity and system and data availability provided to law enforcement and financial industry regulators for the BSA information filings. The quantitative benefits can be estimated based upon the cost of government data breach if systems and data is not maintained and monitored in a secure system. Recent studies have placed the per record cost of a data breach in a range between $80 - $254 per record.