Text of Recommendation | FLRA should develop, review and update, as necessary, the following information security
program policies and procedures in accordance with NIST and agency requirements:
a. Risk policies and procedures.
b. System and Services Acquisition Policy.
c. Personnel Security policy.
d. Security Assessment policy.
e. Personnel Security policy.
f. Configuration Management policy.
g. Configuration Management Plan.
h. Incident Response policy.
i. Security Awareness policy.
j. Identification and Authentication policy.
k. Access policy.
l. Mobile Code Usage and Restrictions Policy. |
---|---|
Recommendation Number | 1 |
Recommendation Status | Closed |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |