| Text of Recommendation | We recommend that the Director develop a strategy and structure that integrates information security into the agency’s business operations. This should include an established responsibility for assessing information security risks in all agency programs and operations and providing this analysis to senior leadership, including the ERM Council, for decision-making. |
|---|---|
| Recommendation Number | 1 |
| Recommendation Status | Closed |
| Significant Recommendation | Yes |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Submitting OIG | |
|---|---|
| Linked Report |