Audit of NRC's Information Technology Governance
Report Information
Recommendations
Revise the IPEC and ITB charters to more clearly define:
• Roles and responsibilities.
• The evaluation, approval, and decision followup process.
Revise NRC Management Directive 2.8 to include:
• Current IT governance stakeholder requirements.
• A definition of IT governance, structure, and processes.
Update and finalize the CONOPS to be consistent with current practice, including a schedule for full implementation.
Develop and implement a comprehensive IT governance
communication strategy that:
• Promotes buy in from regional and program office stakeholders by requesting feedback.
• Clearly explains the policies and procedures of the IPEC and ITB charters, as well as the CONOPS, to all stakeholders.
• Provides easily retrievable access to the updated charters and CONOPS.