U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Breadcrumb

Audit of the DNFSB’s Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2022

Report Information

Date Issued
Report Number
DNFSB-22-A-07
Report Type
Audit
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0

Recommendations

Implement a process to ensure a security control assessment for the DNFSB GSS is completed and documented on an annual basis.

Implement a process to validate the DNFSB GSS security authorization is maintained in accordance with DNFSB policy.

Enforce existing DNFSB policy requirements to document security impact analyses, test plans, test results and backout plan requirements for each change.

Complete the implementation and consistent performance of monthly reviews to ensure security impact analyses, test plans, test results and backout plans are documented as required for each change.

Complete the implementation of the configuration management training program and provide periodic refreshers to ensure evidence requirements are captured for change tickets.

Complete the implementation of the configuration management training program