Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
1 | Yes | $0 | $0 | ||
The Chief of Management and Administration and the Chief Operating Officer ensure the Risk Executive, Chief of Management and Administration, Chief Operating Officer, and Senior Accountable Official for risk management roles and responsibilities are fully and accurately defined in NARA policies. | |||||
2 | Yes | $0 | $0 | ||
The Chief of Management and Administration develop, document, implement, and disseminate an organizational risk management strategy and policy, in accordance with NIST 800-39, and a process for coordination between cybersecurity and enterprise risk management. |