| Text of Recommendation | Take action to work with all OAs to perform a thorough CSAM quality review to ensure system documentation matches what is entered into CSAM. At a minimum, the review should verify that: (1) system authorization dates in CSAM match what is approved by the authorizing official; (2) POAMs are created and reported once a security weakness is found; and (3) authorizing officials are provided accurate documentation on all risks accepted. |
|---|---|
| Recommendation Number | 2 |
| Recommendation Status | Open |
| Significant Recommendation | Yes |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Additional Details Link |
| Submitting OIG | |
|---|---|
| Report Title | DOT Continues to Make Progress, but the Department’s Information Security Posture Is Still Not Effective |
| Report Submitting OIG-Specific Report Number | FI2017008 |
| Report Date Issued | Wednesday, November 9, 2016 |
| Report Agency Reviewed / Investigated | |
| Report Questioned Costs | $0 |
| Report Funds for Better Use | $0 |