Text of Recommendation | We recommend that the Deputy Secretary of Commerce ensure that the Chief Information Officer implement the following Committee on National Security Systems and National Institute of Standards and Technology IT security requirements for System X: (a) fill fundamental security roles (e.g., system owner, information system security officer); (b) complete the risk management framework steps, including authorizing System X to operate; (c) develop a process to regularly install software security updates; and (d) replace end-of-life system components.
|
---|---|
Recommendation Number | 1 |
Recommendation Status | Open |
Significant Recommendation | Yes |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |