| Text of Recommendation | Ensure mitigation actions for ICT products, especially mission-critical ICT products or services, are descriptive, actionable, and tailored to the user environment and operational contexts (including its anonymity of procurement statement); and work with OCIO and the SCRM Unit to create and resource a continuous monitoring program that monitors C-SCRM risks across the FBI, ensures that users understand and follow C-SCRM mitigations identified in the product vulnerability and procurement risk assessments, and develops procedures to periodically monitor and assess user compliance with its C-SCRM mitigation actions. |
|---|---|
| Recommendation Number | 11 |
| Recommendation Status | Open |
| Significant Recommendation | No |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
| Additional Details Link |
| Submitting OIG | |
|---|---|
| Linked Report |