Remote Application and Desktop Virtualization Client
Audit · Tennessee Valley Authority OIG · 2023-06-21 · about Tennessee Valley Authority
Report
Title
Remote Application and Desktop Virtualization Client
Submitting OIG
Tennessee Valley Authority OIG
Component agency
Tennessee Valley Authority
Type
Audit
Publication date
2023-06-21
Summary
The Office of the Inspector General audited the Tennessee Valley Authority’s (TVA) use of remote application and desktop virtualization client due to the risks of (1) potential system intrusion through misconfigurations and (2) continued elevated remote users during the COVID-19 pandemic. We found the configuration management control for TVA’s remote application desktop virtualization client was ineffective. However, we determined compensating access controls were in place to mitigate the risk to an overall acceptable level.
Recommendations (1)
#
Status
Text
1
Closed
We recommend the Vice President and Chief Information and Digital Officer, Technology and Information, design and implement a documented configuration management process of TVA’s remote application and desktop virtualization client.