CFPB Report: 2013-IT-C-020 December 2, 2013
| Rec. no. | Report page no. | Recommendation | Responsible office |
|---|---|---|---|
| 1 | 5 |
Strengthen the CFPB's information security continuous monitoring program by a. defining and implementing performance measures to facilitate decisionmaking and improve performance of the agency's continuous monitoring program. b. identifying additional automated tools to assess security controls and analyze and respond to the results of continuous monitoring activities. |
Office of the Chief Information Officer |
| 2 | 7 | Develop and implement an organization-wide configuration management plan and a consistent process for patch management. | Office of the Chief Information Officer |
| 3 | 8 | Design, develop, and implement a role-based security training program for individuals with significant security responsibilities. | Office of the Chief Information Officer |
| 4 | 10 | Ensure that audit logs and security incident information from all relevant sources are centrally tracked, analyzed, and correlated. | Office of the Chief Information Officer |
