Text of Recommendation | Ensure mitigation actions for ICT products, especially mission-critical ICT products or services, are descriptive, actionable, and tailored to the user environment and operational contexts (including its anonymity of procurement statement); and work with OCIO and the SCRM Unit to create and resource a continuous monitoring program that monitors C-SCRM risks across the FBI, ensures that users understand and follow C-SCRM mitigations identified in the product vulnerability and procurement risk assessments, and develops procedures to periodically monitor and assess user compliance with its C-SCRM mitigation actions. |
---|---|
Recommendation Number | 11 |
Recommendation Status | Open |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
Additional Details Link |
Submitting OIG | |
---|---|
Linked Report |