ML18219A955
ML18219A955 | |
Person / Time | |
---|---|
Issue date: | 08/07/2018 |
From: | Baker B NRC/OIG/AIGA |
To: | Margaret Doane NRC/EDO |
References | |
OIG-17-A-03 | |
Download: ML18219A955 (3) | |
Text
UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 OFFICE OF THE INSPECTOR GENERAL August 7, 2018 MEMORANDUM TO: Margaret M. Doane Executive Director for Operations FROM: Dr. Brett M. Baker /RA/
Assistant Inspector General for Audits
SUBJECT:
STATUS OF RECOMMENDATIONS: INDEPENDENT EVALUATION OF NRCS IMPLEMENTATION OF THE FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 FOR FISCAL YEAR 2016 (OIG-17-A-03)
REFERENCE:
CHIEF INFORMATION OFFICER MEMORANDUM DATED JULY 2, 2018 Attached is the Office of the Inspector Generals (OIG) analysis and status of recommendations as discussed in the agencys response dated July 2, 2018. Based on this response, recommendation 4 is closed and recommendation 3 remains resolved.
Recommendations 1, 2, and 5 were closed previously. Please provide an updated status of the resolved recommendation by January 5, 2019.
If you have questions or concerns, please call me at (301) 415-5915, or Eric Rivera, Team Leader at (301) 415-7032.
Attachment:
As stated cc: H. Rasouli, OEDO R. Lewis, OEDO J. Jolicoeur, OEDO J. Bowen, OEDO EDO_ACS Distribution
INDEPENDENT EVALUATION OF NRCS IMPLEMENTATION OF THE FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 FOR FISCAL YEAR 2016 OIG-17-A-03 Status of Recommendations Recommendation 3: Develop supporting processes, procedures, and guidance for ensuring the NRC systems inventory is maintained.
Agency Response Dated July 2, 2018: The NRC is on target to complete this activity by December 29, 2018.
Revised Target Completion Date: December 29, 2018 OIG Analysis: The proposed actions as initially identified in the agencys response dated December 7, 2016, meet the intent of the recommendation. OIG understands the need to revise the completion date and will close this recommendation when OIG receives evidence showing NRC has developed supporting processes, procedures, and guidance for ensuring the NRC systems inventory is maintained.
Status: Resolved.
INDEPENDENT EVALUATION OF NRCS IMPLEMENTATION OF THE FEDERAL INFORMATION SECURITY MODERNIZATION ACT OF 2014 FOR FISCAL YEAR 2016 OIG-17-A-03 Status of Recommendations Recommendation 4: Based on the updated inventory of contractor systems, identify those that are not compliant with ISD-PROS-2030, NRC Risk Management Framework, and complete appropriate authorization activities for those systems.
Agency Response Dated July 2, 2018: All of the 30 contractor systems are currently authorized.
The NRC believes the intent of the OIG recommendation has been fulfilled.
Target Completion Date: Completed OIG Analysis: OIG reviewed the documentation provided by the agency and determined NRC has identified those contractor systems that were not compliant with ISD-PROS-2030, NRC Risk Management Framework, and completed appropriate authorization activities. Therefore, this recommendation is considered closed.
Status: Closed.