Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Management should re-enforce requirements for performing DNFSBs change control procedures in accordance with the agency’s Configuration Management Plan by defining consequences for not following these procedures and conducting remedial training as necessary.
Implement procedures and define roles for reviewing configuration change activities to the DNFSB information system production environment by those with privileged access to verify the activity was approved by the system CCB and executed appropriately
Complete and document a risk-based justification for not implementing an automated solution (e.g. Splunk) to help maintain an up-to-date, complete, accurate, and readily available view of the security configurations for all information system components connected to the organization’s network.
Continue efforts to meet milestones of the DNFSB ICAM Strategy necessary for fully transitioning to DNFSB’s “to-be" ICAM architecture.
Complete current efforts to refine existing monitoring and
assessment procedures to more effectively support ongoing
authorization of the DNFSB system.