ML18163A218
| ML18163A218 | |
| Person / Time | |
|---|---|
| Issue date: | 06/12/2018 |
| From: | Baker B NRC/OIG/AIGA |
| To: | Roscetti C, Sklar G NRC/OGC |
| References | |
| DNFSB-16-A-07 | |
| Download: ML18163A218 (3) | |
Text
Defense Nuclear Facilities Safety Board Washington, DC 20004-2901 Office of the Inspector General June 12, 2018 MEMORANDUM TO: Glenn Sklar General Manager Christopher Roscetti Deputy General Manager FROM: Dr. Brett M. Baker /RA/
Assistant Inspector General for Audits
SUBJECT:
STATUS OF RECOMMENDATIONS: CYBERSECURITY ACT OF 2015 AUDIT FOR DNFSB (DNFSB-16-A-07)
REFERENCE:
GENERAL MANAGER MEMORANDUM DATED MAY 30, 2018 Attached is the Office of the Inspector Generals (OIG) analysis and status of recommendations as discussed in the Boards response dated May 30, 2018. Based on this response, recommendations 1 and 2 remain in resolved status. Please provide an updated status of the resolved recommendations by September 4, 2018.
If you have any questions or concerns, please contact me at (301) 415-5915 or Beth Serepca, Team Leader, at (301) 415-5911.
Attachment:
As stated cc: R. Howard, OGM
Audit Report CYBERSECURITY ACT OF 2015 AUDIT FOR DNFSB DNFSB-16-A-07 Status of Recommendations Recommendation 1: Revise current policies and procedures to comply with the Privacy Act of 1974 Requirements and E-Government Act of 2002, and assign responsibility for complying with those requirements.
Agency Response Dated May 30, 2018: Work continues on the Operating Procedures and it is expected to be introduced into the formal concurrence process by June 15, 2018, and published by August 31, 2018.
Implementation of this recommendation is still in progress.
OIG Analysis: The proposed corrective action of updating the Operating Procedures addresses the intent of OIGs recommendation to revise the policies and procedures. This recommendation will be closed when OIG receives and reviews the revised Operating Procedures and verifies they assign responsibility for complying with the Privacy Act of 1974 and E-Government Act of 2002.
Status: Resolved.
Audit Report CYBERSECURITY ACT OF 2015 AUDIT FOR DNFSB DNFSB-16-A-07 Status of Recommendations Recommendation 2: Finalize, publish, and disseminate the Draft Handbook for Safeguarding Personally Identifiable Information, dated October 2015.
Agency Response Dated May 30, 2018: The Handbook was converted to a Work Practice in accordance with OGC recommendations. The Work Practice is currently in the formal concurrence process with Office Directors, and is expected to be completed by August 31, 2018.
Implementation of this recommendation is still in progress.
OIG Analysis: The proposed corrective action of issuing a Work Practice addresses the intent of OIGs recommendation. This recommendation will be closed when OIG receives and reviews the finalized Work Practice and verifies it contains language for safeguarding personally identifiable information, and was disseminated.
Status: Resolved.