OIG: NASA Information Security Does Not Fully Meet DHS Requirements
NASA OIG Annual Report: Federal Information Security Management Act: Fiscal Year 2011 Evaluation
“Overall, the Agency established and is maintaining a program for each of the 11 areas listed above. However, the Agency’s programs for risk management, configuration monitoring management, and POA&M need significant improvements as they do not include all required attributes identified by the Department of Homeland Security.”