Text of Recommendation | Ensure that Acquisition Security Unit analysts receive the training and resources necessary to fulfill IC Standard 731-02’s sourcing requirements and that ASU then incorporates the IC Directive 206 sourcing procedures into its vendor threat assessment process; that ASU and the SCRM Unit modify the existing vendor threat assessment process to better align its information collection methodology, risk tolerance levels, and other attributes with the enterprise needs; and that ASU develops policies or procedures to ensure that ASU vendor threat assessments, especially those for high or critical risk vendors, are updated every 2 years, as required by IC Directive 731. |
---|---|
Recommendation Number | 7 |
Recommendation Status | Open |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
Additional Details Link |
Submitting OIG | |
---|---|
Linked Report |