Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Implement the technical capability to disable or remove users who are inactive for greater than the organizationally defined threshold of 90 days.
Enhance the periodic recertification of access by ensuring that managers review the access privileges of their staff against the most current segregation of duties matrix to ensure the roles currently assigned conform to policy. In addition, we recommend the help desk documents the removal of roles that management has noted as unnecessary and communicates the confirmation with management that the user’s roles were removed.
Enhance the process to help ensure that STAQS Access Request Forms are completed and retained.
Enhance the process to help ensure that NRC Form 270 is completed and retained for each employee that is separated from the NRC.