Audit of USAID's Federal Information Security Management Act of 2002 Action Plan

Recommendations

Recommendation 1

The Chief Information Officer update the USAID FISMA Cybersecurity Roadmap and Work Plan to address each activity and milestone clearly in the Federal Information Security Management Act action plan.

Questioned Cost:
$0
Close Date:
Recommendation 2

The Chief Information Officer fully implement a process to test FISMA Action Plan activities identified as complete before closing them in the USAID FISMA Cybersecurity Roadmap and Work Plan.

Questioned Cost:
$0
Close Date:
Recommendation 3

The Chief Information Officer test activities already identified as complete to verify they have been implemented fully and effectively.

Questioned Cost:
$0
Close Date:
Recommendation 4

The Chief Information Officer document and implement a formal process to centrally review all USAID security assessment packages for proper selection, documentation, and evaluation of security controls before the packages are sent to the Chief Information Officer for approval.

Questioned Cost:
$0
Close Date: