U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Security Weaknesses Are Not Timely Resolved and Effectively Managed

Report Information

Date Issued
Report Number
Report Type
Joint Report
Agency Wide
Yes (agency-wide)
Questioned Costs
Funds for Better Use


Consolidate the best business unit POA&M remediation practices and implement a consistent process agency-wide to adequately manage security risk remediation in accordance with Federal guidelines.

Prioritize staffing and other resource allocations to address both management and remediation of POA&Ms agency-wide and review progress on an ongoing basis.

Specifically consider POA&M estimated costs in budget formulation.

Collaborate with business unit representatives to ensure POA&M costs are updated at closure.