U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Independent Evaluation of NRC's Implementation of the FISMA Act of 2014 for FY17

Report Information

Date Issued
Report Number
OIG-18-A-02
Report Type
Inspection / Evaluation
Joint Report
No
Agency Wide
No (location specific)
Questioned Costs
$0
Funds for Better Use
$0
View report on Oversight.gov

Recommendations

Perform a gap analysis to identify required IT security program documents, IT security program documents that need to be developed, and IT security program documents that need to be updated and/or finalized.

Develop a schedule for developing, updating and completing all required IT security program documentation.

Develop policies and procedures for keeping IT security program documentation up-to-date.

Develop and implement a schedule for reviewing and updating all security categorizations.

Develop and implement a schedule for reviewing and updating all business impact assessments and for developing them if they are missing.