Government security, Critical Infrastructure Security, Audits (External, Internal)

Audit finds governance, cybersecurity weaknesses in FAA systems

FedScoop reports that the Federal Aviation Administration was discovered by the Department of Transportation's Office of the Inspector General to have multiple governance gaps, including the failed adoption of standard security controls for its National Airspace System's IT systems.

In an audit composed of interviews with officials and a review of documents on the FAA's 45 critical systems between October 2024 and January 2026, the DOT unit was found to not only have insufficient documentation but also to have neglected monitoring and addressing vulnerabilities, while subscribing to antiquated guidelines in certain instances.

"Lack of transparency increases the risk that FAA and the Department may not be able to identify common threats and vulnerabilities or provide comprehensive IT weakness tracking and reporting," said the inspector general in the report.

According to the FAA, operational complexity, financial constraints, and technical limits are the causes of the governance gaps. Several of the agency's current systems would need major technological changes or completely new purchases, which would result in delays and cost overruns.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds