Independent Evaluation of NRC’s Implementation of the Federal Information Security Management Act (FISMA) for FY 2011
Report Information
Recommendations
Revise existing configuration management procedures to include performance measures and/or monitoring procedures to ensure all identified vulnerabilities, including configuration-related vulnerabilities, scan findings and security patch-related vulnerabilities, are remediated in a timely manner in accordance with the timeframes established by NRC.