| Text of Recommendation | Establish policies, procedures, and internal controls that ensure they follow Congressional requirements to apply C-SCRM procedures to new FISMA reportable IT systems designated high- or moderate-impact and report C-SCRM statistics to the OIG. FBI and JMD should also contact CNSS to determine if submission of an annual report on the progress and effectiveness of their C-SCRM capabilities remains an active requirement, and if so, establish policies and procedures to ensure that they submit—either separately or jointly—these reports to CNSS annually, in accordance with CNSS Directive 505. |
|---|---|
| Recommendation Number | 16b |
| Recommendation Status | Open |
| Significant Recommendation | No |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
| Additional Details Link |
| Submitting OIG | |
|---|---|
| Linked Report |