Text of Recommendation | 2. Inconsistent Management Authorizations and Approvals for CenturyLink Data Center Access (NCUA-IT-18-01). We noted that the NCUA management was unable to provide evidence that it approved physical access for three users with access to the CenturyLink Data Center. A group of contractors were hired into roles that would have Data Center management responsibilities, and the Chief Information Security Officer (CISO) gave verbal approvals to the CenturyLink Data Center Manager to grant the users’ access to the Data Center, and did not document the approval in a written, or emailed, format. |
---|---|
Recommendation Number | OIG-19-01/02/03/04 NCUA 2018 Financial Statement Audits |
Recommendation Status | Closed |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Additional Details Link |
Submitting OIG | |
---|---|
Linked Report |