Text of Recommendation | For the COE and FAA, update procedures and practices for monitoring and authorizing common security controls to (a) require supporting documentation for controls continual assessments, (b) complete reauthorization assessments for the controls, (c) finalize guidance for customers' use of controls, and (d) establish communication protocols between authorizing officials and common control providers regarding control status and risks. |
---|---|
Recommendation Number | 3 |
Recommendation Status | Open |
Significant Recommendation | Yes |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Additional Details Link |
Submitting OIG | |
---|---|
Report Title | FISMA 2017: DOT’s Information Security Posture Is Still Not Effective |
Report Submitting OIG-Specific Report Number | FI2018017 |
Report Date Issued | Wednesday, January 24, 2018 |
Report Agency Reviewed / Investigated | |
Report Questioned Costs | $0 |
Report Funds for Better Use | $0 |