Audit of NARA's Publicly-Accessible Websites
Report Information
Recommendations
We recommend the Chief Innovation Office (CINO) coordinate with the CIO to improve NARA’s management and internal controls surrounding the security of NARA’s publicly-accessible websites. Specifically, we recommend the CIO requires all NARA publicly-...
We recommend the Chief Innovation Office (CINO) coordinate with the CIO to improve NARA’s management and internal controls surrounding the security of NARA’s publicly-accessible websites. Specifically, we recommend the CIO analyzes all publicly-...
We recommend the Chief Innovation Office (CINO) coordinate with the CIO to improve NARA’s management and internal controls surrounding the security of NARA’s publicly-accessible websites. Specifically, we recommend the CIO requires users to change their...
We recommend the Chief Innovation Office (CINO) coordinate with the CIO to improve NARA’s management and internal controls surrounding the security of NARA’s publicly-accessible websites. Specifically, we recommend the: CINO coordinate with the CIO on...
We recommend the Chief Innovation Office (CINO) coordinate with the CIO to improve NARA’s management and internal controls surrounding the security of NARA’s publicly-accessible websites. Specifically, we recommend the CIO documents the process...
We recommend the Chief Innovation Office (CINO) coordinate with the CIO to improve NARA’s management and internal controls surrounding the security of NARA’s publicly-accessible websites. Specifically, we recommend the CIO regularly (at least quarterly...
We recommend the CIO document a process to review all security assessments by a qualified official.
We recommend the CIO ensure Information Services personnel review all cloud hosting security assessments.
We recommend the CIO ensure Information Services personnel document their review of the IT security assessments.