United States
U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2019 Federal Information Security Modernization Act
Report Information
Recommendations
Perform a complete review to identify the full population and last review date of all IT policies and procedures maintained by the Department. For each policy/procedure that does not have evidence of review within the time frame prescribed by DR 0100-001, perform a review, and make appropriate revisions before obtaining the appropriate approver’s signature and timestamp. Revised policies/procedures should be disseminated to employees as required by NIST SP 800-53 Revision 4.
Enforce USDA’s non-mission software policy and remove the unauthorized software from USDA systems.