R - 3 - Direct Computerized Forwarding System site employees to securely store hard copy change of address orders in accordance with policy. R - 2 - Communicate user account management policies to all Computerized Forwarding System site employees. R - 1 - Add the Change of Address Forms Processing System to the eAccess application or use an alternative method for user account management. We also recommended management re-initiate the National Change of Address certification and accreditation process, upgrade outdated security software, identify all cooperative database mailers and their activities, and implement a process to ensure current Postal Service requirements are in all license agreements to protect customer information.įinally, we recommended management implement a plan of action for conducting random site security reviews of licensees and evaluate potential solutions and benefits of automating the acknowledgement form process. We recommended management centralize user account management in eAccess for the COA Forms Processing System, and store hard copy COA orders in accordance with policy. In addition, management does not have an enterprise solution in place or plan to automate the acknowledgement form process. We estimated 13,554,542 NCOALink customer records with a potential value of $228 million are at risk. We visited one of the 22 Computerized Forwarding System sites and found personnel did not adhere to controls related to processing and retaining hard copy COA orders.Īs a result, there is a risk that unauthorized users could access COA data and NCOALink data could be breached, which could lead to fines and a negative impact on the Postal Service brand. Security controls over the COA manual processes and NCOALink data are not sufficient to protect the confidentiality and integrity of customer information. Our objectives were to determine whether security controls over the COA manual process and NCOALink data adequately protect the confidentiality and integrity of customer data and identify potential solutions for improving the Postal Service’s acknowledgement form process. The Postal Service requires licensees and their customers to complete a Processing Acknowledgment Form (acknowledgement form) to comply with the Privacy Act of 1974 and document the companies’ intended use of the data. NCOA Link is an application containing about 160 million COA records. The Postal Service provides COA information for a fee through National Change of Address Linkage (NCOALink) to licensees who facilitate relationships with business mailers. Customers can submit orders electronically through the Internet or submit hard copy orders through the mail or at a Post Office retail counter. More than 40 million Americans change their addresses annually and submit change of address (COA) orders to the U.S.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |