.jpg?la=en&h=170&w=310&hash=28D637EA26BBE268084F86772B5A79DA)
Deutschland
India
Lietuva
United Kingdom
Search
Search
Search
The Department of Defense (DoD) has been under some level of financial statement audit for the last several years. The majority of information technology (IT) Notification of Findings and Recommendations (NFRs) are coming from areas that could have been detected and corrected during the Risk Management Framework (RMF) process. As a result, auditors are finding significant control deficiencies and material weaknesses for systems authorized under RMF. With the scope of the audit expanded to full financial statements, additional IT systems will be audited leading to more findings. RMF can be used as a tool to enforce compliance with audit requirements and decrease the volume of IT NFRs.
Guidehouse is a global consultancy providing advisory, digital, and managed services to the commercial and public sectors. Purpose-built to serve the national security, financial services, healthcare, energy, and infrastructure industries, we collaborate with leaders to outwit complexity and achieve transformational changes that meaningfully shape the future.