Text of Recommendation | USADF's chief information security officer strengthen the organization-wide information security program in accordance with National Institute of Standards and Technology standards by establishing and implementing documented processes to:_x000D_
-Establish, communicate, and implement an organization-wide risk management strategy for operation and use of the Foundation's information systems in accordance with National Institute of Standards and Technology standards._x000D_
-Review and update the system security plans to reflect National Institute of Standards and Technology Special Publication 800-53, Revision 4, "Security and Privacy Controls for Federal Information Systems and Organizations." At a minimum, this should include a determination whether the security requirements and controls for the system are adequately documented and reflect the current information system environment._x000D_
-Perform information system security assessments on an annual basis in accordance with USADF's policy._x000D_
-Review and update the system risk |
---|---|
Recommendation Number | 1 |
Recommendation Status | Closed |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |