| Text of Recommendation | We recommend that IAF’s chief information officer fully document and implement a process to include in the risk acceptance forms a clear business reason for risk acceptance and the compensating controls implemented to reduce the risk that vulnerabilities can be exploited. |
|---|---|
| Recommendation Number | 1 |
| Recommendation Status | Closed |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Submitting OIG | |
|---|---|
| Linked Report |