Text of Recommendation | The Chief Information Officer should establish an entity to oversee enterprise-wide vulnerability remediation to ensure that vulnerabilities are remediated within required time frames, Plans of Action and Milestones (POA&Ms) and Risk-Based Decisions (RBDs) are documented as required, and vulnerability remediation metrics are reviewed and reported to appropriate leadership. |
---|---|
Recommendation Number | 1 |
Recommendation Status | Closed |
Significant Recommendation | No |
Submitting OIG | |
---|---|
Linked Report |