Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Define audit review, analysis and reporting policies and procedures for the tool and the independent review of logged activity on a periodic basis (performed by one who is knowledgeable but not performing the activity).
Implement the defined audit review, analysis, and reporting policies and procedures for the tool and ensure operational effectiveness and compliance.
Align its process to approved policies to ensure they are congruent.
Perform, document, and maintain supporting audit evidence.
Ensure that all identified vulnerabilities are appropriately remediated per EXIM policies.
Formally document and track all vulnerabilities that will not be mitigated accordingly.
Enforce EXIM’s existing policies and procedures regarding access control management related to recertification and formally document the performance in a timely manner.
Enhance the precision of the review control over the re-estimate model to ensure all relevant data is input accurately.