The Department of Defense (DoD) has been under some level of financial statement audit for the last several years. The majority of information technology (IT) Notifications of Findings and Recommendations (NFRs) come from issues that could have been detected and corrected during the Risk Management Framework (RMF) process. As a result, auditors are finding significant control deficiencies and material weaknesses in systems authorized under RMF. With the scope of the audit expanded to full financial statements, additional IT systems will be audited, leading to more findings. RMF can be used as a tool to enforce compliance with audit requirements and decrease the volume of IT NFRs.
Guidehouse is a global advisory, technology, and managed services firm delivering value to commercial businesses and federal, state, and local governments. Serving industries focused on communities, energy, and infrastructure, healthcare, financial services, and defense and national security, we position clients for AI-led innovation, efficiency, and resilience.