Audit Reports
Report Recommendations
# | Recommendation | Status | Value | Initial Management Response | USPS Proposed Resolution | OIG Response | Final Resolution |
---|---|---|---|---|---|---|---|
1 | R - 1 -- Provide system administrators access to current hardening standards policies. |
Closed | $0 | Agree | |||
2 | R - 2 -- Conduct a thorough review of vendor recommendations for patching and Postal Service standards for configuration to ensure appropriate measures are taken to correct the significant number of identified vulnerabilities. |
Closed | $0 | Agree | |||
3 | R - 3 -- Develop a technical refresh plan for the engineering infrastructure that addresses obsolete Windows operating systems. |
Closed | $0 | Agree | |||
4 | R - 4 -- Configure and patch operating systems according to Handbook AS-805, Information Security, requirements. |
Closed | $0 | Disagree | |||
5 | R - 5 -- Review information system configurations in accordance with policy to ensure information systems remain configured according to security standards. |
Closed | $0 | Agree | |||
6 | R - 6 -- Configure and patch all database servers to ensure compliance with appropriate hardening standards for their configuration. |
Closed | $0 | Agree | |||
7 | R - 7 -- Determine the minimum privileges necessary for the Biohazard Detection Servers anonymous Internet guest account to function and configure the guest account accordingly. |
Closed | $0 | Agree | |||
8 | R - 8 -- Ensure all personnel with access to Postal Service resources receive annual security awareness training or provide a waiver for all personnel considered exempt from training. |
Closed | $0 | Agree |