Text of Recommendation | Revise existing configuration management procedures to include performance measures and/or monitoring procedures to ensure software compliance assessments, including vulnerability assessments, are performed as required: (i) before a system is connected to the NRC production environment, (ii) during security test and evaluation of systems, and (iii) as part of the agency’s continuous monitoring environment. |
---|---|
Recommendation Number | 4 |
Recommendation Status | Closed |
Significant Recommendation | Yes |
Submitting OIG | |
---|---|
Linked Report |