USAID's Chief Information Officer conduct updated risk assessments for the two systems we identified
USAID's Chief Information Officer perform security controls assessments for the two systems we identified.
USAID's Chief Information Officer determine whether the Agency included cybersecurity duties in position descriptions and performance plans. If not, take corrective action, including addressing the causes for not doing so.
USAID's Chief Information Officer determine whether the Agency developed and implemented policies and procedures for maintaining data and metadata inventories for its various data types, including data from third-party providers. If not, take corrective action, including addressing the causes for not doing so.
USAID's Chief Information Officer determine whether the Agency implemented network monitoring and enforcement mechanisms to identify and disconnect or isolate noncompliant devices. If not, take corrective action, including addressing the causes for not doing so.