Computer networks (61 - 70 of 79 items)
Information Security: Fundamental Weaknesses Place EPA Data and Operations at Risk
T-AIMD-00-97: Published: Feb 17, 2000. Publicly Released: Feb 17, 2000.
Pursuant to a congressional request, GAO discussed its recent review of information security at the Environmental Protection Agency (EPA).GAO noted that: (1) GAO's review found serious and pervasive problems that essentially render EPA's agencywide information security program ineffective; (2) current security program planning and management is largely a paper exercise that has done little to subs...
Critical Infrastructure Protection: National Plan for Information Systems Protection
AIMD-00-90R: Published: Feb 11, 2000. Publicly Released: Feb 11, 2000.
Pursuant to a congressional request, GAO assessed national security legal authorities related to infrastructure protection, focusing on the administration's National Plan for Information Systems Protection.GAO noted that: (1) the National Plan for Information Systems Protection is an important and positive step toward building the cyber-defense necessary to protect critical information assets and...
Critical Infrastructure Protection: Comments on the National Plan for Information Systems Protection
T-AIMD-00-72: Published: Feb 1, 2000. Publicly Released: Feb 1, 2000.
Pursuant to a congressional request, GAO discussed the National Plan for Information Systems Protection, focusing on: (1) a detailed overview of the plan; (2) opportunities for sharpening the plan's proposals for improving the federal government's security programs; and (3) the challenges facing the government in building the public-private partnerships necessary for comprehensive infrastructure p...
VA Systems Security: Information System Controls at the North Texas Health Care System
AIMD-00-52R: Published: Feb 1, 2000. Publicly Released: Feb 1, 2000.
Pursuant to a legislative requirement, GAO reviewed the weaknesses of the North Texas Health Care System's (NTHCS) information system general controls and the status of corrective actions taken to mitigate these weaknesses.GAO noted that: (1) NTHCS made progress in correcting specific computer security weaknesses that GAO identified in its previous evaluation of information system general controls...
Information Security: SSA's Computer Intrusion Detection Capabilities
AIMD-00-16R: Published: Oct 27, 1999. Publicly Released: Oct 27, 1999.
GAO reviewed the Social Security Administration's (SSA) computing environment, focusing on its policies, procedures, and techniques designed to detect, respond to, and report on incidents of computer intrusion and misuse.GAO noted that: (1) while SSA has a basic system and network management policies and procedures that provide a foundation for more effective intrusion and misuse detection capabil...
Critical Infrastructure Protection: Comprehensive Strategy Can Draw on Year 2000 Experiences
AIMD-00-1: Published: Oct 1, 1999. Publicly Released: Oct 5, 1999.
Pursuant to a congressional request, GAO provided information on efforts to protect the nation's critical infrastructures, focusing on: (1) GAO's recent findings on computer security and critical infrastructure protection; and (2) preliminary lessons learned from the year 2000 date conversion experience that can benefit critical infrastructure protection efforts.GAO noted that: (1) the nation's co...
Information Security: NRC's Computer Intrusion Detection Capabilities
AIMD-99-273R: Published: Aug 27, 1999. Publicly Released: Aug 27, 1999.
GAO reviewed the Nuclear Regulatory Commission's (NRC) policies and practices regarding intrusion detection and response capabilities in the federal government.GAO noted that: (1) overall, GAO found that NRC has instituted an integrated network and security management program to detect and respond to anomalies that may indicate computer network intrusions and misuse for the systems that support it...
Information Security: Answers to Posthearing Questions
AIMD-99-272R: Published: Aug 9, 1999. Publicly Released: Aug 9, 1999.
Pursuant to a congressional request, GAO responded to congressional questions regarding its June 24, 1999, testimony on the need for stronger information security management, focusing on: (1) the effectiveness of federal agencies' implementation of the 1987 Computer Security Act; (2) what gaps the Presidential Decision Directive (PDD) No. 63 will fill within existing federal programs that would im...
Information Security: Recent Attacks on Federal Web Sites Underscore Need for Stronger Information Security Management
T-AIMD-99-223: Published: Jun 24, 1999. Publicly Released: Jun 24, 1999.
Pursuant to a congressional request, GAO discussed the recent break-ins of federal web sites.GAO noted that: (1) the recent series of attacks on federal web sites have primarily focused on defacing, or vandalizing web site content or initiating denial of service attacks in order to crash servers; (2) fortunately, the consequences of recent attacks on federal web sites have been largely confined to...
Social Security Administration: Responses to Subcommittee Questions About the On-line PEBES Service
AIMD-97-121R: Published: Jun 20, 1997. Publicly Released: Jun 20, 1997.
Pursuant to a congressional request, GAO provided answers to questions relating to its May 6, 1997, testimony on the Social Security Administration's (SSA) use of the Internet to provide Personal Earnings and Benefit Estimate Statements (PEBES) to individuals.GAO noted that: (1) discussion should include a focus on system security for the following reasons; (a) there have been recent problems in i...