| Text of Recommendation | Improve the product vulnerability assessments for mission-critical ICT products by incorporating necessary information from the vendor threat assessments, evaluating vulnerabilities and the ease of exploitability by a threat actor, identifying whether specific mitigations exist to address product vulnerabilities, and assigning a vulnerability rating to each vulnerability identified, to better align the product vulnerability assessment with IC Standard 731-04. |
|---|---|
| Recommendation Number | 8 |
| Recommendation Status | Open |
| Significant Recommendation | No |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
| Additional Details Link |
| Submitting OIG | |
|---|---|
| Linked Report |