Welcome to TSP Strategies

Welcome to TSPstrategies.com! This Web site is dedicated to exploring the benefits of saving and investing in the Thrift Savings Plan.

The companion book, TSP Investing Strategies: Building Wealth While Working for Uncle Sam, lays out a simple set of strategies for long-term, buy-and-hold investors to consider while investing in the TSP. This Web site and accompanying blog will build on those concepts, while focusing on new investing options and developments related to the TSP.

TSP Stratagies Number One on Amazon

Category: TSP Security



Making Strides in Security

There’s been a lot of work going on behind the scenes.   The TSP has been quietly beefing up security. As long-time readers of this forum know, in addition the security breach reported in 2012, the TSP has had a number of open issues related to past security audits. To work these and other issues related to security, the TSP established and filled the position of the Chief Information Security Officer this spring in addition to the Chief Technology Officer.  It … more

Leave a comment



TSP Site Unaffected by ‘Heartbleed’

According to a brief – if not terse – statement on the TSP website, the site itself was unaffected by ‘heartbleed’: TSP Safe from “Heartbleed” Bug — (April 10, 2014) We have reviewed our systems. TSP.gov is not affected by the Heartbleed vulnerability. While tsp.gov is not included, here is a list of major sites that were and were not affected by ‘heartbleed.’

Leave a comment



TSP Issues Warning on Third-Party Apps

The TSP issued a warning earlier today about third-party apps, particularly ones that request TSP account information.  While a TSP app could eventually be developed perhaps as early as this year, TSP has yet to launch one. The TSP warning reads: Warning: Third-Party Mobile Applications — There are a number of mobile applications that reference the Thrift Savings Plan and may prompt you for your TSP account credentials. These applications are NOT sponsored by the TSP. The TSP cannot endorse … more

1 Comment



Some Records Updated, But Questions Remain

As an update to the previous post, some of the documents originally missing from the October 2012 Federal Retirement Thrift Investment Board (FRTIB) meeting minutes have been uploaded.  Well, one at least. For those who are interested in issues related to security, an audit report compiled by CliftonLarsonAllen discussed, among other things, “internal controls over financial reporting and general computer and application controls” – though auditors did not test the operating effectiveness of these controls or the changes made to … more

Leave a comment



Transparency and the TSP

TSP administrators began their New Year’s outreach efforts on Monday by addressing the federal debt limit and the G Fund and by talking with Federal News Radio.  Some of the topics included discussions of the Roth TSP, the G Fund, and how the end of the payroll tax reduction might cause some participants to reduce their contributions.  The Executive Director was involved in each of these efforts, apparently taking back over from the acting executive director after the holidays. In … more

Leave a comment



Just When you Thought Your TSP Account Was Secure….

Reading through the TSP’s budget plan for FY2013, I came across the following interesting “mission critical” “initiative” on the part of TSP administrators: “We intend to modify existing Data Center and Infrastructure Support contracts to increase the scope of work, to include the creation of a security and network operations team with the capability to detect, track and react to threats to our security and network operations…Further, we intend to award an independent support contract for the Chief Information Security … more

1 Comment



Previous TSP Audits Discussed Security Related to Serco Services

In addition to its most recent audit on security, the advisory firm KPMG has completed at least seven audits of TSP-related topics in the past four years.  Two audits – both of which at least tangentially discussed Serco – stand out, given the issues related to the Serco information leak reported earlier this year and in light of the July 2012 audit.  And curiously, these two audits that touched upon Serco also appear to be incomplete—they are missing the Agency’s … more

Leave a comment



Multiple Lingering Security Issues Still ‘Open,’ Recent Audit Finds

The audit and advisory firm KPMG conducts periodic audits of the Thrift Savings Plan.  In 2010 it audited the “Lifecycle Funds Process.”  In 2011 it audited the “Withdrawals Process” and later the “Government Securities Investment Fund Investment Operations.”  Each contained results of the audit, along with a list of individuals interviewed, documents reviewed, and the “Agency’s responses” to the findings as an appendix. Most recently, KPMG completed an audit of the “computer access and technical security controls” of the TSP, … more




A TSP App By Late 2013?

The Thrift Savings Plan has changed a lot over the past ten years.  In 2002, it expanded the number of funds from three to five, and a few years later it created a series of lifecycle funds.  Also in 2002, the TSP opened to uniformed service personnel, and participation subsequently expanded by 50% over the next ten years. That same year, the TSP Web site began to post the daily closing prices for each of the funds, and participants eventually … more




Additional TSP Site Security Warranted Following Hacking Incident

It is a truism in Washington that if an agency or politician needs to publicize negative news, it issues a press release on Friday afternoon just as everyone is headed home for the weekend.  The recently reported TSP hacking incident was certainly negative news, and TSP administrators posted their most recent update on Friday afternoon.  While the posting appeared on the site at just after 3 p.m. EST, still during business hours and not quite late enough to avoid garnering … more