Audit of NRC's Laptop Management
Develop agencywide policy and procedures regarding the
implementation and monitoring of security controls, especially
concerning virus protection and operating system updates, for
all agency-owned laptop computers.
Communicate the policy in recommendation 1 to the agency
when initially complete. Send periodic reminders of the policy
requirements, as well as detailed instructions on how to fulfill the
Provide mandatory formal training to all IT coordinators and
property custodians on how to update security controls on
Develop a process for verifying that all required security controls
are implemented on agency-owned laptops.
Develop a protocol to facilitate the efficient and routine updating
of agency-owned laptops located at headquarters.