|Text of Recommendation|| |
We recommended the Assistant Secretary for Information and Technology consistently implement an improved continuous monitoring program in accordance with the NIST Risk Management Framework. Specifically, implement an independent security control assessment process to evaluate the effectiveness of security controls prior to granting authorization decisions.
|Recommendation Number|| |
|Recommendation Status|| |
|Significant Recommendation|| |