|
|
||||||||||||||||||
Use layout NORIGHTSIDEBAR NORIGHTSIDEBAR Effective Date: October 1, 2016 - September 30, 2017
...
5.2 FY17 Assessment Schedule
| # | Assessment Type | Schedule (and Title) | Performed By |
|---|---|---|---|
2.2 | Peer Reviews | Every 3-5 years, last assessed in June 2010. | Similar institutions |
2.3 | Internal Audit | Per IAS Audit Plan. The FY17 audit plan does not include any IT focused audits, although some of the audits will likely touch IT. | Berkeley Lab Internal Audit Services |
2.4 | IG Audits and Reviews | Assessment of Berkeley Lab occurs at the discretion of oversight entity, audits include:
| DOE Inspector General (often using KPMG) |
2.5 | Berkeley Site Office Oversight Activities | Assessment occurs at the discretion of oversight entity. | BSO |
2.5 | DOE-HSS Oversight Activities | Assessment occurs at the discretion of oversight entity. | DOE-HSS |
| 2.5 | Safeguard and Security Review | Every 3 years. Scheduled for Q1 FY 17 | DOE Office of Science |
2.6 | Advisory Board | Typically annually. | Board members |
3.2 | Project Assessments | Within 1 month of end of FY. | Office of the CIO |
3.3 | Self-Assessment Risk Assessment | Annually by Q1 FY. | Office of the CIO/Cyber Security Program |
3.4 | FMFIA/Entity Assessment | Last assessed Q4 FY13 (Subset of controls related to IT operations). | Berkeley Lab Line Management |
3.5 | UC Self-Assessment | Assessment occurs at the discretion of UC. Scheduled for Q2 FY 17. | Office of the CIO/Cyber Security Program |
3.6 | IAS Advisory Service | Follow-up to Q4 FY16 Multifactor Authentication Implementation Management Advisory by request of IT. End of Q1 FY17. | Berkeley Lab Internal Audit Services |
