We recommended the Assistant Secretary for Information and Technology consistently implement an improved continuous monitoring program in accordance with the NIST Risk Management Framework. Specifically, implement an independent security control assessment process to evaluate the effectiveness of security controls prior to granting authorization decisions. (This is a repeat recommendation from prior years.)
Questioned Costs
$0
Funds for Better Use
$0
Recommendation Status
Closed
Source UUID
22-01576-72-01
Recommendation Number
01
Significant Recommendation
No