U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Independent Evaluation of NRC's Implementation of the Federal Information Security Modernization Act of 2014 for FY 2018

Report Information

Date Issued
Report Number
Report Type
Inspection / Evaluation
Joint Report
Agency Wide
No (location specific)
Questioned Costs
Funds for Better Use


Develop and implement a process to remove all non-standard software that has not been approved by an authorized agency official.

Implement a process to manage non-standard software to
ensure the software is properly approved and inspected for
security weaknesses before the software is installed on NRC’s network.

Monitor the approved installed software on NRC’s network to
determine whether it is still in use, periodically inspect the
software for known vulnerabilities, and mitigate any vulnerabilities found.

Develop and establish processes and procedures to govern
the installation of non-standard software, including processes and procedures on determining impact to agency operations or cybersecurity.

Implement a process to remove unsupported software from
NRC networks.