Writing at CSO, the inimitable George V. Hulme reports independent auditors have released their screed illustrating the failure of the United States Nuclear Regulatory Commision to achieve certification relevant to statutes inherent in the Federal Information Security Management Act of 2002 (FISMA). Evidentiary data within the report alludes to fundamental challenges within the Commission’s information security and vulnerability management program.
You can examine detailed guidance via the National Institute of Standards and Technology’s Special Publication 800-53 “Recommended Security Controls for Federal Information Systems”.
I highly encourage you to read George V. Hulmes’ well-crafted write-up at CSOOnline, and communicate with your Congressional Representatives and Senators to spur the Commission to adhere to the Act, Stat.