Report File
Date Issued
Submitting OIG
National Archives and Records Administration OIG
Other Participating OIGs
National Archives and Records Administration OIG
Agencies Reviewed/Investigated
National Archives and Records Administration
Report Number
24-AUD-07
Report Type
Audit
Agency Wide
Yes
Number of Recommendations
16
Questioned Costs
$0
Funds for Better Use
$0

Open Recommendations

This report has 14 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
1 No $0 $0

Reconcile departure reports received from Human Capital to the asset management inventory system, on a regular basis (e.g., monthly, quarterly, etc.) to ensure updates are being made in a timely manner and are accurate to reflect separated or transferred employees and contractors.

2 No $0 $0

Perform a reconciliation of all NARA hardware asset inventories to ensure all data such as assignments and status are accurately and completely stated, investigating any unusual or potentially duplicate entries, and making revisions as needed.

3 No $0 $0

Ensure IT policies, procedures, methodologies, and supplements are reviewed and approved in accordance with NARA Directive 111.

5 No $0 $0

Implement a process to ensure accounts with access to the Domain Administrators group are appropriately assigned based on job responsibilities. If determined that an account can be configured with more restrictive access, then implement a process to revoke the Domain Administrator group membership and apply the most restrictive access.

6 No $0 $0

Develop and implement policies and procedures for network user accounts to:
• Create unique passwords for each service account.
• Maintain a list of commonly used, expected, or compromised passwords.
• Update the list on an organization defined timeframe and when organizational passwords are suspected to have been compromised directly or indirectly.
• Verify (such as through regular password audits or system configurations), when users create or update passwords, that the passwords are not found on the list of commonly used, expected, or compromised passwords.

7 No $0 $0

Assess applications residing on unsupported platforms to identify a list of applications, all servers associated to each application, and the grouping and schedule of applications to be migrated, with the resulting migration of applications to vendor-supported platforms.

9 No $0 $0

Ensure user system accounts for all systems are periodically reviewed and automatically disabled in accordance with NARA policy.

10 No $0 $0

Ensure audit logging is enabled for each major information system.

11 No $0 $0

Ensure periodic reviews of generated audit logs are performed for each major information system.

12 No $0 $0

Ensure password configuration settings for all major information systems are in accordance with NARA IT Security Requirements.

13 No $0 $0

Ensure the use of shared/group accounts is restricted to only those users with a valid business justification, by enhancing user account review procedures to incorporate reviews of shared/group account membership and reasonableness.

14 No $0 $0

Ensure a process is developed, documented, and implemented to change passwords whenever users within shared/group accounts change.

15 No $0 $0

Ensure a comprehensive ICAM policy or strategy, which includes the establishment of related Standard Operating Procedures (SOPs), identification of stakeholders, communicating relevant goals, task assignments and measure and reporting progress is developed and implemented.

16 No $0 $0

Implement requirements across all EL maturity tiers to ensure events are logged and tracked in accordance with OMB M-21-31.

National Archives and Records Administration OIG

United States