U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

U.S. Nuclear Regulatory Commission’s Vulnerability Assessment and External Penetration Test

Report Information

Date Issued
Report Number
OIG-23-A-11
Report Type
Audit
Description
The OIG contracted with CliftonLarsonAllen, LLP (CLA) to conduct a vulnerability assessment and an external penetration test of the U.S. Nuclear Regulatory Commission’s (NRC) information system environment in support of the NRC’s fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) audit. During the vulnerability assessment and external penetration test, CLA identified weaknesses that, if remediated, would help strengthen the NRC’s security posture.
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

No recommendations at this time.