The information security program of the Consumer Financial Protection Bureau (CFPB) is “not effective” and its maturity level has been downgraded to Level 2 (Defined). The move has been made by the Federal Reserve Board Office of Inspector General (OIG), which released its 2025 Federal Information Security Modernization Act (FISMA) audit
Level