Text of Recommendation | Using the results of recommendations one above:
a. Utilizing guidance from the National Institute of Standards in Technology (NIST) Special Publication (SP) 800-55 (Rev. 1) – Performance Measurement Guide for Information Security to establish performance metrics to manage and optimize all domains of the DNFSB information security program more effectively;
b. Implement a centralized view of risk across the organization;
c. Implement formal procedures for prioritizing and tracking POA&Ms to remediate vulnerabilities. |
---|---|
Recommendation Number | 2 |
Recommendation Status | Open |
Significant Recommendation | Yes |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |