Submitting OIG:
Report Description:
The OIG contracted with CliftonLarsonAllen, LLP (CLA) to conduct a vulnerability assessment and an external penetration test of the U.S. Nuclear Regulatory Commission’s (NRC) information system environment in support of the NRC’s fiscal year (FY) 2023 Federal Information Security Modernization Act of 2014 (FISMA) audit. During the vulnerability assessment and external penetration test, CLA identified weaknesses that, if remediated, would help strengthen the NRC’s security posture.
Date Issued:
Friday, September 29, 2023
Agency Reviewed / Investigated:
Submitting OIG-Specific Report Number:
OIG-23-A-11
Location(s):
Agency-Wide
Type of Report:
Audit
Questioned Costs:
$0
Funds for Better Use:
$0
Number of Recommendations:
2
Report updated under NDAA 5274:
No
View Document:
| Attachment | Size |
|---|---|
 OIG-23-11NRC-VAPT-Results-BriefPublicly-Available92923HV.pdf | 7.65 MB |