Consumer Product Safety Risk Management System Information Security Review Report
Open Recommendations
Identify the participants of the CPSC Risk Executive Council and define specific tasks/milestones for implementing the proposed Risk Management Framework.
Develop an Enterprise Architecture that includes a comprehensive IT security architecture using the CIO Council's guidance and incorporate this into the Security Control Documents.
Fully document the implementation of the security controls.
Update the CPSRMS SSP to be the single authoritative system security document.
Define the specific Public Access controls in place/planned.