Information Security Risk Evaluation of Region II – Atlanta, GA
Report Information
Recommendations
Update offsite backup storage procedures to include the correct references to the backup procedures for seat-managed and NRC-managed servers.
Establish a general laptop system and complete the process described in the NRC Laptop Security Policy for authorization of the general laptop system.
Update ROI 1250.1/1250.2 to correspond to the SGI laptop systems in use at Region II and currently authorized to operate.
Develop, document, and implement a procedure for reviewing and updating IT security program procedures, including regional office instructions, on an annual basis.