Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
We recommend that the Director develop a strategy and structure that integrates information security into the agency’s business operations. This should include an established responsibility for assessing information security risks in all agency programs and operations and providing this analysis to senior leadership, including the ERM Council, for decision-making.
that the Director develop a strategy and structure that integrates information security into the agency’s business operations. This should include an established responsibility for assessing information security risks in all agency programs and operations and providing this analysis to senior leadership, including the ERM Council, for decision-making.
We recommend that the Director appoint the chief information security officer to serve on the Enterprise Risk Management Council as a voting member.
OIG recommended that the Director appoint the chief information security officer to serve on the Enterprise Risk Management Council as a voting member
We recommend that the Director further define and implement the Enterprise Risk Management program to ensure information security risks are communicated and monitored at the system, business process, and entity levels.