| Text of Recommendation | We recommend that the Deputy Secretary of Commerce direct the Department's Chief Information Officer to revise Department policy to require that SSPs include the implementation status of customer-defined CSP baseline security controls on all cloud systems or document justification for not incorporating those controls.
|
|---|---|
| Recommendation Number | 1 |
| Recommendation Status | Closed |
| Significant Recommendation | Yes |
| Recommendation Questioned Costs | $0 |
| Recommendation Funds for Better Use | $0 |
| Submitting OIG | |
|---|---|
| Linked Report |