This report summarizes the results of CLA’s independent evaluation and contains seven recommendations that will assist the agency in improving the effectiveness of its information security and its privacy programs and practices.
Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
1.OIG-21-09Recommendation | No | $0 | $0 | ||
Review the SCRM NIST guidance and update the SCRM plan, policies, and procedures to fully address supply chain risk management controls and practices. | |||||
6.OIG-21-09Recommendation | No | $0 | $0 | ||
Upon issuance of the CUI policies, design and implement media marking to designate protection standards for safeguarding and/ordisseminating agency information. |