The HHS Office of Inspector General will evaluate the department's ability to respond to cybersecurity threats, according to its updated work plan.
The Federal Information Security Management Act requires federal agencies to implement certain procedures and policies to detect and respond to security incidents. With its audit, the OIG will determine whether HHS has "sufficiently implemented incident response capabilities to safeguard the department's information technology systems and data."
"Incidents involving cybersecurity and privacy threats, such as malware, malicious user activity and vulnerabilities associated with highly interconnected technology require a skilled and rapid response to reduce their likelihood and to reduce or mitigate loss or destruction of data, loss of funds, loss of productivity and damage to the agency's reputation," the work plan states.
The OIG expects to issue its results in 2018.
More articles on cybersecurity:
11 cybersecurity terms to know
42.4% of Americans willing to give up alcohol to ensure cybersecurity