United States African Development Foundation's chief information security officer fully develop and document a risk management strategy for information technology operations that requires the Foundation to identify: (i) risk assumptions; (ii) risk constraints (iii) risk tolerance; and (iv) priorities and trade-offs.
United States African Development Foundation's chief information security officer update the Foundation's access control policies and procedures to include the use of personal identity verification credentials and how the credentials are enforced for logical access to USADF's information technology resources.
United States African Development Foundation's chief information security officer update the Foundation's continuous monitoring policies and procedures to include how its chief Information officer, information technology systems administrator, and security analyst gather, document, assess, and remediate information system vulnerabilities, threats, and risks in a timely manner and then implement the procedures.