Independent Evaluation of the DNFSB’s Implementation of the Federal Information Security Modernization Act (FISMA) of 2014 for Fiscal Year 2020
Report Information
Recommendations
Continue current efforts to refine existing monitoring and assessment procedures to more effectively support ongoing authorization of the DNFSB system.
Update the DNFSB’s incident response plan to include profiling techniques for identifying incidents and strategies to contain all types of major incidents.
Based on the results of the DNFSB’s supply chain risk assessment included in the recommendation for the Identify function above, update the DNFSB’s contingency planning policies and procedures to address ICT supply chain risk.