U.S. Department of Agriculture, Office of the Chief Information Officer, Fiscal Year 2020 Federal Information Security Modernization Act
Report Information
Recommendations
We recommend the Department implement an improved patch and upgraded process to address security deficiencies identified by the independent OIG scans and SIEM.
We recommend the Department incorporate tools from DHS CDM Phase 2 and establish an ICAM steering committee to oversee the enterprise level ICAM approach.
We recommend the Department implement the policy and procedures related to media sanitization. In addition, the Department should consistently perform sanitization of decommissioned hardware devices and maintain the sanitization certifications.
We recommend the Department design and implement the necessary oversight and enforcement mechanisms and controls to ensure all system contingency plans are tested annually. The results of all tests should be reviewed annually to ensure corrective actions can be initiated, as necessary.