Independent Evaluation of the DNFSB’S Implementation of the Federal Information Security Modernization Act of 2014 for FY 2021
Report Information
Recommendations
Configure all incident response tools in place to be interoperable, can collect and retain relevant and meaningful data that is consistent with the incident response policy, plans and procedures.
Develop and track metrics related to the performance of contingency planning and recovery related activities.
Conduct a business impact assessment within every two years to assess mission essential functions and incorporate the results into strategy and mitigation planning activities.
Implement role-based training for individuals with significant contingency planning and disaster recovery related responsibilities.