U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Independent Evaluation of NRC's Implementation of the Federal Information Security Modernization Act of 2014 For FY 2016

Report Information

Date Issued
Report Number
Report Type
Inspection / Evaluation
Joint Report
Agency Wide
Yes (agency-wide)
Questioned Costs
Funds for Better Use


Develop a plan and schedule for ensuring all common controls are tested in accordance with NRC’s continuous monitoring process.

Develop a plan and schedule for developing a comprehensive inventory of all NRC systems.

Develop supporting processes, procedures, and guidance for ensuring the NRC systems inventory is maintained.

Based on the updated inventory of contractor systems, identify those that are not compliant with ISD-PROS-2030, NRC Risk Management Framework, and complete appropriate authorization activities for those systems.

Develop procedures for ensuring the annual IT risk management activities for systems owned and/or operated by other agencies or contractors are completed in accordance with NRC requirements.