ig_recommendations: 36

This data as json

rowid	report_id	rec_number	significant	text	questioned_costs	funds_for_better_use
36	2025-audit-cfpbs-information-security-program	4	No	Perform a review of previously granted risk acceptance memorandums to determine whether they were based on a complete review of the system or common controls (as required by National Institute of Standards and Technology Special Publication 800-37, Revision 2) and perform additional risk analysis and/or compensating controls as needed for affected systems.	0	0