Audit of USAID's Computer Network Change-Control Process

Recommendations

Recommendation 1

The Chief Information Officer finalize and implement the Standard Operating Procedure for the Use of ePolicy Orchestrator Policy Auditor For Baselines Monitoring and Reporting.

Questioned Cost:
$0
Close Date:
Recommendation 2

The Chief Information Officer document and implement a process to ensure that all baselines are appropriately implemented and periodically checked for compliance in accordance with Agency policy.

Questioned Cost:
$0
Close Date:
Recommendation 3

The Chief Information Officer develop and implement a process to remediate vulnerabilities within an Agency-defined time frame, as appropriate, or document acceptance of the risks of those vulnerabilities.

Questioned Cost:
$0
Close Date:
Recommendation 4

The Chief Information Officer document and implement a process for monitoring Agency devices for unauthorized application software, preventing the installation of such software, and removing it if found.

Questioned Cost:
$0
Close Date: