Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
4 | Yes | $0 | $0 | ||
We recommend the CIO: Enforce DOL requirements for implementing, auditing, testing and documenting exceptions to baseline configurations. | |||||
7 | Yes | $0 | $0 | ||
We recommend the CIO: Execute the OCIO and AO oversight process to ensure compliance with DOL requirements for the performance of Security Impact Analysis (SIA)s prior to the implementation of system changes. | |||||
13 | Yes | $0 | $0 | ||
We recommend the CIO: Develop clear standards for the documentation of information security controls and enforce the adherence to these standards through OCIO monitoring processes for developing, reviewing and maintaining system security plans and documentation. |