U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Independent Evaluation of NRC’s Implementation of the Federal Information Security Management Act for Fiscal Year 2014

Report Information

Date Issued
Report Number
OIG-15-A-02
Report Type
Inspection / Evaluation
Joint Report
No
Agency Wide
No (location specific)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

In support of continuous monitoring, develop a plan and schedule for updating all NRC system security plans, as well as the NRC Information Security Program Plan, to reflect NIST SP 800-53, Revision 4.

Based on the updated inventory of contractor systems, identify those that are not compliant with CSO-PROS-2030, NRC Risk Management Framework, and complete appropriate authorization activities for those systems.

Based on the updated inventory of contractor systems, identify those that are not compliant with CSO-PROS-2030, NRC Risk Management Framework, and complete appropriate authorization activities for those systems.