Audit of the NRC’s Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2022
Report Information
Recommendations
Implement a process to validate that all personnel with privileged level responsibilities complete annual security awareness and role-based training.
Implement a process to validate that all new contractors complete their initial security training requirements and acknowledgement of rules of behavior prior to accessing the NRC environment and to subsequently ensure completion of annual security awareness training and renewal of rules of behavior is tracked.