
Independent Evaluation of NRC’s Implementation of the Federal Information Security Management Act (FISMA) for Fiscal Year 2012

Report Information

Date Issued:
Report Number: OIG-13-A-03
Report Type: Inspection / Evaluation
Joint Report: No
Agency Wide: No (location specific)
Questioned Costs: $0
Funds for Better Use: $0

Recommendations

Update the rack diagrams for each NRC remote location.

Provide refresher training to all staff responsible for implementing NRC’s POA&M process.

Configure the agency’s automated POA&M tool to do the following: (i) prevent scheduled completion dates from being changed, (ii) prevent weaknesses from being created without a scheduled completion date or weakness source, (iii) prevent weaknesses from being closed without specifying an actual date closed, (iv) prevent users from entering actual completion dates in the future, (v) prevent users from entering an actual completion date when the status is not closed, and (vi) automatically change the weakness status from on track to delayed once the scheduled completion date has passed.

Update the IT environment contingency plan to include procedures for responding to short-term disruptions (those that last less than 24 hours), such as restoring components using alternate equipment or performing some or all of the affected business processes using alternate processing (manual) means.

Update the IT environment contingency plan to update contingency planning procedures specific to NRC remote locations that are not up-to-date. Specifically, update the list of IT environment servers supporting NRC remote locations that are referenced in Appendix H of the IT environment contingency plan and update the contingency plans for NRC remote locations that are attached to the IT environment contingency plan.