ML19032A077
| ML19032A077 | |
| Person / Time | |
|---|---|
| Issue date: | 02/01/2019 |
| From: | Baker B NRC/OIG/AIGA |
| To: | Sklar G NRC/OIG |
| References | |
| DNFSB-16-A-07 | |
| Download: ML19032A077 (3) | |
Text
Defense Nuclear Facilities Safety Board Washington, DC 20004-2901 Office of the Inspector General February 1, 2019 MEMORANDUM TO: Glenn Sklar General Manager FROM: Dr. Brett M. Baker /RA/
Assistant Inspector General for Audits
SUBJECT:
STATUS OF RECOMMENDATIONS: CYBERSECURITY ACT OF 2015 AUDIT FOR DNFSB (DNFSB-16-A-07)
REFERENCE:
GENERAL MANAGER MEMORANDUM DATED JANUARY 14, 2019 Attached is the Office of the Inspector Generals (OIG) analysis and status of recommendations as discussed in the Boards response dated January 14, 2019. Based on this response, recommendations 1 and 2 are closed. As such, all recommendations for this report are now closed.
If you have any questions or concerns, please contact me at (301) 415-5915 or Eric Rivera, Team Leader, at (301) 415-7032.
Attachment:
As stated cc: R. Howard, OGM
Audit Report CYBERSECURITY ACT OF 2015 AUDIT FOR DNFSB DNFSB-16-A-07 Status of Recommendations Recommendation 1: Revise current policies and procedures to comply with the Privacy Act of 1974 Requirements and E-Government Act of 2002, and assign responsibility for complying with those requirements.
Agency Response Dated January 14, 2019: OGM/Division of Operational Services has revised current policy and procedures to comply with the Privacy Act of 1974, and assigned the Privacy Officer the responsibility for compliance to those requirements. The Privacy Officer is designated responsibility for reporting directly to the GM on these responsibilities. Directive D-260.2 is attached below as supporting documentation. The corresponding Operating Procedure and Handbook for Safeguarding Personally Identifiable Information have also been published and are attached below as supporting documentation.
We request closure of this recommendation based on the supporting documentation provided in this status update.
OIG Analysis: OIG reviewed the documentation for the Privacy Program Directive (D-260.2), approved on May 23, 2017; Privacy Program Compliance Guidance Handbook, dated October 2018; and the Privacy Program Operating Procedures (OP-260.2-1) provided by the agency. OIG determined that the agency has revised current policies and procedures to comply with the Privacy Act of 1974 Requirements and the E-Government Act of 2002, and assigned responsibility for complying with those requirements.
Status: Closed.
Audit Report CYBERSECURITY ACT OF 2015 AUDIT FOR DNFSB DNFSB-16-A-07 Status of Recommendations Recommendation 2: Finalize, publish, and disseminate the Draft Handbook for Safeguarding Personally Identifiable Information, dated October 2015.
Agency Response Dated January 14, 2019: OGM/Division of Operational Services has finalized and published the Operating Procedure and Handbook for Safeguarding Personally Identifiable Information, which are attached below as supporting documentation.
We request closure of this recommendation based on the supporting documentation provided in this status update.
OIG Analysis: OIG reviewed the documentation provided by the agency for the Privacy Program Compliance Guidance Handbook, dated October 2018 and the operating procedures for the Privacy Program Operating Procedures (OP-260.2-1),
approved on October 11, 2018. OIG has determined that the agency has finalized, published, and disseminated the Handbook for Safeguarding Personally Identifiable Information, dated October 2018. Therefore, this recommendation is considered closed.
Status: Closed.