Text of Recommendation | Update its C-SCRM risk assessment methodology to assess vulnerabilities, likelihood, and impact, in accordance with NIST 800-161, Revision 1 and CNSS Directive 505; and that its risk assessment also be applied to resellers, particularly those handling IT goods. |
---|---|
Recommendation Number | 3 |
Recommendation Status | Open |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
Additional Details Link |
Submitting OIG | |
---|---|
Linked Report |