Sec. 301. GAO audit of information technology infrastructure and handling of data
181 words·~1 min read·
/bill/118/hr/8339/rh/section-301A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Comptroller General of the United States shall, not later than 1 year after the date of the enactment of this Act— perform an independent audit of the information technology
(IT)infrastructure of the Securities and Exchange Commission and the Commission’s handling of data, including— a comparison of the Commission’s IT spending to other Federal financial regulators, including— the total amount spent on IT equipment and services; and the amount of IT spending in proportion to each regulator’s total spending; examining the quality and effectiveness of the Commission’s IT contracting; determining if the Commission’s data and cybersecurity systems and procedures are sufficient; and examining any recent Commission IT or data events, such as breaches or hacks, that may have compromised the Commission’s IT infrastructure or exposed a vulnerability; and provide to the Commission, the Committee on Financial Services of the House of Representatives, and the Committee on Banking, Housing, and Urban Affairs of the Senate a report containing— all findings and determinations made in conducting the audit; and recommendations for steps that can be taken to improve the Commission’s IT infrastructure.