DODIG-2025-086 - Recommendation D-2025-0086-D000CP-0001-0001.1g

(U) Rec. 1.g: The DoD OIG recommended that the DoD Chief Information Officer direct DoD Components, including the Coast Guard, in coordination with the DoD Component Chief Information Security Officers, Chief Information Officers, and Authorizing Officials, to require officials to develop a plan of action and milestones for non-national security systems that have not implemented all Inspector General Federal Information Security Modernization Act of 2014 reporting metrics-related controls or those systems with a low implementation percentage (for example, below 75 percent), and track the completion of the plans until such controls are implemented or have elevated to an acceptable level and are reported in the Enterprise Mission Assurance Support Service, or an equivalent system.