The Chief Information Officer finalize and implement the Standard Operating Procedure for the Use of ePolicy Orchestrator Policy Auditor For Baselines Monitoring and Reporting.
The Chief Information Officer document and implement a process to ensure that all baselines are appropriately implemented and periodically checked for compliance in accordance with Agency policy.
The Chief Information Officer develop and implement a process to remediate vulnerabilities within an Agency-defined time frame, as appropriate, or document acceptance of the risks of those vulnerabilities.
The Chief Information Officer document and implement a process for monitoring Agency devices for unauthorized application software, preventing the installation of such software, and removing it if found.