Text of Recommendation | FHFA should identify and implement solutions, in coordination with vendors, where a solution does not exist for systems to natively forward event logs to the SIEM tool. If there are no viable solutions, perform a risk assessment and cost benefit analysis. Based on the risk assessment, document any risk-based decisions, including compensating controls, for systems not in compliance with OMB M-21-31.
|
---|---|
Recommendation Number | AUD-2023-004-6 |
Recommendation Status | Open |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |