NASA OIG outlines recommendations for improvement of Information Security Program

“In order to strengthen the Agency’s information security program, we made nine recommendations to the Acting Chief Information Officer to include: (1) ensuring the information system oversight process identifies delinquent control risk assessments and timely corrective action initiated to ensure that controls are reviewed and tested; (2) issuing clarifying policy guidance to ensure that controls for all active NASA information systems that are categorized as “other than satisfied” are properly supported; (3) issuing clarifying policy guidance that the Agency’s system authorizing officials should ensure that all active information systems operated for the benefit of NASA are covered by an approved contingency plan, when required; (4) issuing clarifying policy guidance that the Agency’s system authorizing officials should implement a review process to ensure that contingency plans for all applicable active information systems are reviewed on an annual basis; and (5) developing and implementing an effective process to ensure that all IT Security Handbooks and other IT governance documents are reviewed and updated at least annually in accordance with NASA requirements.” Access the full report here.

Source: Evaluation of NASA’s Information Security Program under the Federal Information Security Modernization Act for Fiscal Year 2019 – June 25, 2020.


This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 7 months ago.

  • Author
  • #101252

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2021 G2Xchange all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?