Stay Informed
of New Reports
Twitter
Where To Report Waste
Fraud, Abuse, Or Retaliation
Where To Report Waste Fraud, Abuse, Or Retaliation
Recommendation Details
Text of Recommendation
Ensure that missing security patches are either applied in accordance with DOT policy or that vulnerable software is otherwise remediated on the affected endpoints. In addition, ensure that missing security patches attributable to specific mission/business requirements are identified, control weaknesses are appropriately documented in POA&Ms, and that the authorizing official is aware of and has accepted risk for the associated weaknesses.
Recommendation Number
11
Recommendation Status
Open
Significant Recommendation
Yes
Recommendation Questioned Costs
$0
Recommendation Funds for Better Use
$0
Additional Details Link
https://www.oig.dot.gov/library-item/38077
Associated Report Details
Submitting OIG
Department of Transportation OIG
Linked Report
Quality Control Review of the Independent Auditor's Report on the Assessment of DOT's Information Security Program and Practices