Text of Recommendation | We recommend that OPM document the governance requirements of the CSCC that at a minimum contain the following elements as stated by NIST: a) Assigns responsibilities for oversight of the CSCC; b) Mandates the same assessment and monitoring requirements as system-specific controls in OPM information systems; and c) Requires the communication of assessment results to SOs and ISSOs. |
---|---|
Recommendation Number | 1 |
Recommendation Status | Closed |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |