Skip to main content
Report File
Date Issued
Submitting OIG
Department of the Interior OIG
Other Participating OIGs
Department of the Interior OIG
Agencies Reviewed/Investigated
Department of the Interior
Components
Departmentwide
Department-wide
Report Number
ISD-IN-MOA-0004-2014-I
Report Type
Inspection / Evaluation
Agency Wide
Yes
Number of Recommendations
6
Questioned Costs
$0
Funds for Better Use
$0

Open Recommendations

This report has 1 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
ISD-IN-MOA-0004-2014-I-04 No $0 $0

We recommend that DOI's Chief Information Officer incorporate and enforce the following items into its newly evolving vulnerability management program- a. enterprise-level monitoring and reporting of all devices and software packages; b. enterprise-level enforcement of consistent assessment, detection, prioritization and remediation techniques; c. required elevated account credential usage for testing; d. enterprise-level monitoring and bureau accountability for patch deployment; and e. enterprise-level quarantining for critically vulnerable systems that are not patched in a pre-defined timeframe.

Department of the Interior OIG

United States