Text of Recommendation | We recommend that the Deputy Secretary of Commerce ensure that the Chief Information Officer immediately develop detailed policies and procedures that will do the following: (a) ensure the authorization process for Departmental NSS is clearly defined and executed according to the risk management framework; (b) require that Department NSS receive regular, independent assessments according to the risk management framework. These policies and procedures must include consideration of security clearance adjudication timeframes for future assessments; and (c) address the creation and maintenance of an NSS inventory. This should include a requirement for all Department bureaus to provide an update when changes occur.
|
---|---|
Recommendation Number | 5 |
Recommendation Status | Open |
Significant Recommendation | Yes |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |