Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
24-A-18-057.01 | No | $0 | $0 | ||
We recommend ACF update and maintain a complete and accurate inventory of information systems hosted in the cloud. | |||||
24-A-18-057.02 | No | $0 | $0 | ||
We reccomend ACF remediate the 19 security control findings in accordance with NIST SP 800-53. | |||||
24-A-18-057.03 | No | $0 | $0 | ||
We recommend ACF update its cloud security procedures to include detailed steps for operational staff to effectively implement cloud security baselines in accordance with HHS requirements. | |||||
24-A-18-057.04 | No | $0 | $0 | ||
We reccomend ACF leverage cloud security assessment tools to identify misconfigurations and weakcybersecurity controls in its cloud infrastructure. | |||||
24-A-18-057.05 | No | $0 | $0 | ||
We recommend ACF conduct testing of its cloud information systems that includes the emulation of anadversary's tactics and techniques on a defined reoccurring basis. |