Text

OFFICIAL USE ONLY - SENSITIVE INTERNAL INFORMATION February 28, 2022 The Honorable Eugene L. Dodaro Comptroller General of the United States U.S. Government Accountability Office 441 G Street, NW Washington, DC 20548

Dear Mr. Dodaro:

On behalf of the U.S. Nuclear Regulatory Commission (NRC), I am providing the agencys Federal Information Security Management Act (FISMA) report for fiscal year (FY) 2021, as well as the required transmittal letter that accompanied the report when the NRC sent it to the Office of Management and Budget (OMB) in October 2021.

The NRC remains fully committed to maintaining the security of its automated information systems. The NRC became aware of the October 2021 findings identified in the Inspector Generals section of the enclosed report and will develop a plan to address them. Please contact me if you have any questions about the NRCs FY 2021 FISMA report or the transmittal letter to the OMB.

Sincerely, Signed by Dorman, Dan on 02/28/22 Daniel H. Dorman Executive Director for Operations

Enclosures:

1. SAOP/FY 2021 FISMA Report

2. CIO/Quarter 4 Annual FISMA Report

3. Computer Security Incident Response Policy

4. 2021 Privacy Program Memo

5. Agency Privacy Continuous Monitoring Strategy Enclosure 1, 2, and 3 transmitted

6. Agency Privacy Program - Uniform herewith contain Official Use Only-Resource Locator Sensitive Internal Information.

7. Agency Privacy Program Plan When separated from this

8. Social Security Number Eliminated and enclosure, this document is Progress Report decontrolled.

9. 10/18/2021 - Letter to S. Young, OMB OFFICIAL USE ONLY - SENSITIVE INTERNAL INFORMATION

ML22049A083 (Pkg.)

OFFICE OCIO/GEMSD/CSB QTE OCIO/GEMSD/D OCIO/CISO NAME GNalabandian JDougherty JMoses JFeibus DATE 02/22/2022 02/17/2022 02/22/2022 02/22/2022 OFFICE OGC/NLO OIG/AIGA OCIO/D OCA NAME MNorris ERivera DNelson EDacus DATE 02/22/2022 02/23/2022 02/23/2022 02/ /2022 OFFICE EDO NAME DDorman DATE 02/ 28 /2022