Annual Plan Fiscal Year 2024
The Annual Plan provides the audit and investigative strategies and associated summaries of the specific work planned for the coming year.
In addition, it sets forth the OIG’s formal process for identifying priority issues and managing its workload and resources for FY 2024. Since 2014, the NRC OIG has also been assigned to serve as the OIG for the Defense Nuclear Facilities Safety Board. A separate document contains the OIG’s Annual Plan for our work pertaining to that agency.
Audit of the U.S. Nuclear Regulatory Commission’s (NRC) Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2023
For this year’s review, IGs were required to assess 20 Core IG FISMA Reporting Metrics and 20 Supplemental IG FISMA Reporting Metrics across five security function areas — Identify, Protect, Detect, Respond, and Recover — to determine the effectiveness of their agencies’ information security program and the maturity level of each function area.1 The maturity levels are: Level 1 - Ad Hoc, Level 2 - Defined, Level 3 - Consistently Implemented, Level 4 - Managed and Measurable, and Level 5 - Optimized.