Text of Recommendation | Centralize system privileged and non-privileged user access review, audit log activity monitoring, and management of Personal Identity Verification (PIV) or Identity Assurance Level (IAL) 3/Authenticator Assurance Level (AAL) 3 credential access to all NRC systems (findings noted in bullets a, and c, above) by continuing efforts to implement these capabilities using the Splunk QAudit, SailPoint, and CyberArk automated tools. |
---|---|
Recommendation Number | 10 |
Recommendation Status | Closed |
Significant Recommendation | Yes |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |