Date Issued
Report Number
OIG-23-A-11
Report Type
Audit
Description
The OIG contracted with CliftonLarsonAllen, LLP (CLA) to conduct a vulnerability assessment and an external penetration test of the U.S. Nuclear Regulatory Commission’s (NRC) information system environment in support of the NRC’s fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) audit. During the vulnerability assessment and external penetration test, CLA identified weaknesses that, if remediated, would help strengthen the NRC’s security posture.
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0