All Topics » Information Security
Information Security (161 - 170 of 425 items)
Managing Sensitive Information: DOJ Needs a More Complete Staffing Strategy for Managing Classified Information and a Set of Internal Controls for Other Sensitive Information
GAO-07-83: Published: Oct 20, 2006. Publicly Released: Nov 20, 2006.
The September 11 attacks showed that agencies must balance the need to protect and share sensitive information to prevent future attacks. Agencies classify this information or designate it sensitive but unclassified to protect and limit access to it. The National Archives' Information Security Oversight Office (ISOO) assesses agencies' classification management programs, and in July 2004 and April...
Information Security: Coordination of Federal Cyber Security Research and Development
GAO-06-811: Published: Sep 29, 2006. Publicly Released: Oct 31, 2006.
Research and development (R&D) of cyber security technology is essential to creating a broader range of choices and more robust tools for building secure, networked computer systems in the federal government and in the private sector. The National Strategy to Secure Cyberspace identifies national priorities to secure cyberspace, including a federal R&D agenda. GAO was asked to identify the (1) fed...
Information Security: The Centers for Medicare & Medicaid Services Needs to Improve Controls over Key Communication Network
GAO-06-750: Published: Aug 30, 2006. Publicly Released: Oct 3, 2006.
The Centers for Medicare & Medicaid Services (CMS), a component within the Department of Health and Human Services (HHS), is responsible for overseeing the Medicare and Medicaid programs--the nation's largest health insurance programs--which benefit about one in every four Americans. CMS relies on a contractor-owned and operated network to facilitate communication and data transmission among CMS b...
Critical Infrastructure Protection: DHS Leadership Needed to Enhance Cybersecurity
GAO-06-1087T: Published: Sep 13, 2006. Publicly Released: Sep 13, 2006.
Increasing computer interconnectivity has revolutionized the way that our nation and much of the world communicate and conduct business. While the benefits have been enormous, this widespread interconnectivity also poses significant risks to our nation's computer systems and, more importantly, to the critical operations and infrastructures they support. The Homeland Security Act of 2002 and federa...
Information Security: Federal Deposit Insurance Corporation Needs to Improve Its Program
GAO-06-620: Published: Aug 31, 2006. Publicly Released: Aug 31, 2006.
The Federal Deposit Insurance Corporation (FDIC) has a demanding responsibility enforcing banking laws, regulating financial institutions, and protecting depositors. The corporation relies extensively on computerized systems to support and carry out its financial and mission-related operations. As part of the audit of the calendar year 2005 financial statements, GAO assessed (1) the progress FDIC...
Information Security: Federal Reserve Needs to Address Treasury Auction Systems
GAO-06-659: Published: Aug 30, 2006. Publicly Released: Aug 30, 2006.
The Federal Reserve System's Federal Reserve Banks (FRB) serve as fiscal agents of the U.S. government when they are directed to do so by the Secretary of the Treasury. In this capacity, the FRBs operate and maintain several mainframe and distributed-based systems--including the systems that support the Department of the Treasury's auctions of marketable securities--on behalf of the department's B...
Internet Protocol Version 6: Federal Government in Early Stages of Transition and Key Challenges Remain
GAO-06-675: Published: Jun 30, 2006. Publicly Released: Jul 31, 2006.
The Internet protocol (IP) provides the addressing mechanism that defines how and where information such as text, voice, music, and video move across interconnected networks. IP version 4 (IPv4), which is widely used today, may not be able to accommodate the increasing number of global users and devices that are connecting to the Internet. As a result, Internet version 6 (IPv6) was developed to in...
Managing Sensitive Information: Actions Needed to Ensure Recent Changes in DOE Oversight Do Not Weaken an Effective Classification System
GAO-06-785: Published: Jun 30, 2006. Publicly Released: Jun 30, 2006.
In recent years, the Congress has become increasingly concerned that federal agencies are misclassifying information. Classified information is material containing national defense or foreign policy information determined by the U.S. government to require protection for reasons of national security. GAO was asked to assess the extent to which (1) DOE's training, guidance, and oversight ensure that...
Managing Sensitive Information: DOD Can More Effectively Reduce the Risk of Classification Errors
GAO-06-706: Published: Jun 30, 2006. Publicly Released: Jun 30, 2006.
Misclassification of national security information impedes effective information sharing, can provide adversaries with information to harm the United States and its allies, and incurs millions of dollars in avoidable administrative costs. As requested, GAO examined (1) whether the implementation of the Department of Defense's (DOD) information security management program, effectively minimizes the...
Information Security: Leadership Needed to Address Weaknesses and Privacy Issues at Veterans Affairs
GAO-06-897T: Published: Jun 20, 2006. Publicly Released: Jun 20, 2006.
The recent information security breach at the Department of Veterans Affairs (VA), in which personal data on millions of veterans were compromised, has highlighted the importance of the department's security weaknesses, as well as the ability of federal agencies to protect personal information. Robust federal security programs are critically important to properly protect this information and the p...