U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2019 Federal Information Security Modernization Act

To help ensure that contractors gain tax-exempt status and prevent inappropriate reimbursement of taxes, we recommend that the Department of State Office of Procurement Executive; USAID Office of Acquisition and Assistance; the Commander USACE; and the Commander CJTSCC: Issue guidance and training to contracting officers on how to properly identify taxes in contracts and invoices.

Perform a complete review to identify the full population and last review date of all IT policies and procedures maintained by the Department. For each policy/procedure that does not have evidence of review within the time frame prescribed by DR 0100-001, perform a review, and make appropriate revisions before obtaining the appropriate approver’s signature and timestamp. Revised policies/procedures should be disseminated to employees as required by NIST SP 800-53 Revision 4.

Enforce USDA’s non-mission software policy and remove the unauthorized software from USDA systems.