The Chief, FMSS, should update the EPACS Operations Guide to provide clarity on granting and disabling operator accounts and the specific entitlements that are required in the BEARS for all EPACS roles.
The Chief Information Officer should ensure that the Cybersecurity function’s Enterprise Security Audit Trails team in collaboration with the ACM team prioritizes completing the Audit Worksheet so that the audit logs can be monitored and reviewed.
Ensure that all 1,286 noncompliant card readers are replaced with Federally compliant card readers and are properly configured.
Replace the two single-factor authentication card readers in the Limited Areas at Site 1 and the broken two-factor authentication card reader at Site 3.
Determine the cause for the inoperable alarm at Site 6 and resolve the issue to enable alarms to appear in the EPACS Event Viewer.