Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
24-A-18-097.01 | No | $0 | $0 | ||
We recommend that the Illinois Department of Healthcare and Family Services remediate the four security control findings identified by OIG. | |||||
24-A-18-097.02 | No | $0 | $0 | ||
We recommend that the Illinois Department of Healthcare and Family Services develop and implement flaw remediation policies and procedures for effectively identifying vulnerabilities, prioritizing them based on potential impact and exploitability, and remediating them within a defined timeframe as required by NIST SP 800-53, SI-2, Flaw Remediation, or other standards governing security of Federal systems and information. | |||||
24-A-18-097.03 | No | $0 | $0 | ||
We recommend that the Illinois Department of Healthcare and Family Services enhance its testing procedures to include performing more robust technical testing of web-facing systems and emulation of an adversary's tactics and techniques on a defined reoccurring basis, in order to better assess the effectiveness of NIST SP 800-53 controls. |