Computer security (91 - 100 of 307 items)
Information Security: Federal Deposit Insurance Corporation Needs to Sustain Progress Improving Its Program
GAO-07-351: Published: May 18, 2007. Publicly Released: May 18, 2007.
The Federal Deposit Insurance Corporation (FDIC) has a demanding responsibility enforcing banking laws, regulating financial institutions, and protecting depositors. As part of its audit of the calendar year 2006 financial statements, GAO assessed (1) the progress FDIC has made in correcting or mitigating information security weaknesses previously reported and (2) the effectiveness of FDIC's syste...
Privacy: Lessons Learned about Data Breach Notification
GAO-07-657: Published: Apr 30, 2007. Publicly Released: Apr 30, 2007.
A May 2006 data breach at the Department of Veterans Affairs (VA) and other similar incidents since then have heightened awareness of the importance of protecting computer equipment containing personally identifiable information and responding effectively to a breach that poses privacy risks. GAO's objective was to identify lessons learned from the VA data breach and other similar federal data bre...
Information Security: Persistent Weaknesses Highlight Need for Further Improvement
GAO-07-751T: Published: Apr 19, 2007. Publicly Released: Apr 19, 2007.
For many years, GAO has reported that weaknesses in information security are a widespread problem with potentially devastating consequences--such as intrusions by malicious users, compromised networks, and the theft of personally identifiable information. In reports to Congress since 1997, GAO has identified information security as a governmentwide high-risk issue. Concerned by reports of signific...
Information Security: Further Efforts Needed to Address Significant Weaknesses at the Internal Revenue Service
GAO-07-364: Published: Mar 30, 2007. Publicly Released: Mar 30, 2007.
In fiscal year 2006, the Internal Revenue Service (IRS) collected about $2.5 trillion in tax payments and paid about $277 billion in refunds. Because IRS relies extensively on computerized systems, effective information security controls are essential to ensuring that financial and taxpayer information is adequately protected from inadvertent or deliberate misuse, fraudulent use, improper disclosu...
Information Security: Sustained Progress Needed to Strengthen Controls at the Securities and Exchange Commission
GAO-07-256: Published: Mar 27, 2007. Publicly Released: Mar 27, 2007.
In carrying out its mission to ensure that securities markets are fair, orderly, and efficiently maintained, the Securities and Exchange Commission (SEC) relies extensively on computerized systems. Integrating effective information security controls into a layered control strategy is essential to ensure that SEC's financial and sensitive information is protected from inadvertent or deliberate misu...
Information Security: Veterans Affairs Needs to Address Long-Standing Weaknesses
GAO-07-532T: Published: Feb 28, 2007. Publicly Released: Feb 28, 2007.
Security breaches at the Department of Veterans Affairs (VA) and other public and private organizations have highlighted the importance of well-designed and implemented information security programs. GAO was asked to testify on its past work on VA's information security program, as well as ongoing reviews that it is conducting at VA. In developing its testimony, GAO drew on over 15 of its previous...
Information Security: Coordination of Federal Cyber Security Research and Development
GAO-06-811: Published: Sep 29, 2006. Publicly Released: Oct 31, 2006.
Research and development (R&D) of cyber security technology is essential to creating a broader range of choices and more robust tools for building secure, networked computer systems in the federal government and in the private sector. The National Strategy to Secure Cyberspace identifies national priorities to secure cyberspace, including a federal R&D agenda. GAO was asked to identify the (1) fed...
Information Security: The Centers for Medicare & Medicaid Services Needs to Improve Controls over Key Communication Network
GAO-06-750: Published: Aug 30, 2006. Publicly Released: Oct 3, 2006.
The Centers for Medicare & Medicaid Services (CMS), a component within the Department of Health and Human Services (HHS), is responsible for overseeing the Medicare and Medicaid programs--the nation's largest health insurance programs--which benefit about one in every four Americans. CMS relies on a contractor-owned and operated network to facilitate communication and data transmission among CMS b...
Critical Infrastructure Protection: DHS Leadership Needed to Enhance Cybersecurity
GAO-06-1087T: Published: Sep 13, 2006. Publicly Released: Sep 13, 2006.
Increasing computer interconnectivity has revolutionized the way that our nation and much of the world communicate and conduct business. While the benefits have been enormous, this widespread interconnectivity also poses significant risks to our nation's computer systems and, more importantly, to the critical operations and infrastructures they support. The Homeland Security Act of 2002 and federa...
Information Security: Federal Reserve Needs to Address Treasury Auction Systems
GAO-06-659: Published: Aug 30, 2006. Publicly Released: Aug 30, 2006.
The Federal Reserve System's Federal Reserve Banks (FRB) serve as fiscal agents of the U.S. government when they are directed to do so by the Secretary of the Treasury. In this capacity, the FRBs operate and maintain several mainframe and distributed-based systems--including the systems that support the Department of the Treasury's auctions of marketable securities--on behalf of the department's B...