Text of Recommendation | Improve the procurement risk assessment for mission-critical ICT products by incorporating necessary information from the vendor threat and product vulnerability assessments; complete likelihood and impact analyses for identified vulnerabilities, including assigning likelihood and impact ratings; and document an overall risk score for the procurement, to better align the procurement risk assessment with IC Standard 731-05. |
---|---|
Recommendation Number | 9 |
Recommendation Status | Open |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Additional Information | Accurate as of February 29, 2024. Also available on the DOJ OIG's website at the following link. |
Additional Details Link |
Submitting OIG | |
---|---|
Linked Report |