Text of Recommendation | All vulnerabilities should be reviewed in terms of their risk classification (e.g. high, medium, and low). Furthermore, IT should establish a formalized policy for how timely deficiencies (high, medium, and low) need to be remediated. Best practices across other agencies remediate high vulnerabilities within 1 business day and medium vulnerabilities within 3-5 business days, therefore, FLRA should follow best practices. |
---|---|
Recommendation Number | 2 |
Recommendation Status | Closed |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |