Date Issued
Report Number
2023-20-023
Report Type
Audit
Joint Report
No
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
Recommendations
Implement a process to create and maintain an approved consolidated list mapping systems to MEFs.
Ensure that the disaster recovery planning tool is updated with the current systems supporting MEFs and periodically validated to ensure accuracy.
The CIO should coordinate with system owners to ensure that they update their respective system’s RTO.
Ensure that the Cybersecurity and Enterprise Operations functions, in conjunction with the business operating divisions and, as needed, with the new replication vendor, perform disaster recovery testing of the three systems that were not yet tested in FISMA Year 2023.
Develop Plan of Action and Milestones to document the planned remediation actions to ensure that systems are recovered within the MTD for MEFs.