Audit of NRC's Laptop Management
Report Information
Recommendations
Develop agencywide policy and procedures regarding theimplementation and monitoring of security controls, especiallyconcerning virus protection and operating system updates, forall agency-owned laptop computers.
Communicate the policy in recommendation 1 to the agencywhen initially complete. Send periodic reminders of the policyrequirements, as well as detailed instructions on how to fulfill therequirements.
Provide mandatory formal training to all IT coordinators andproperty custodians on how to update security controls onlaptops.
Develop a process for verifying that all required security controlsare implemented on agency-owned laptops.
Develop a protocol to facilitate the efficient and routine updatingof agency-owned laptops located at headquarters.