Confidential communication (31 - 40 of 78 items)
Information Security: The Proposed Computer Security Enhancement Act of 1999
T-AIMD-99-302: Published: Sep 30, 1999. Publicly Released: Sep 30, 1999.
Pursuant to a congressional request, GAO discussed the proposed Computer Security Enhancement Act of 1999 (H.R. 2413), focusing on: (1) the urgent need to strengthen computer security across the federal government; (2) the current and future privacy concerns with any computer security legislation; (3) GAO's views on the proposed act; and (4) what can be done to further strengthen security program...
DOD Information Security: Serious Weaknesses Continue to Place Defense Operations at Risk
AIMD-99-107: Published: Aug 26, 1999. Publicly Released: Aug 26, 1999.
GAO updated its previous report on the security of the Department of Defense's (DOD) information systems, focusing on DOD's efforts to: (1) address specific weaknesses identified in GAO's 1996 reports; and (2) develop a comprehensive departmentwide information security program.GAO noted that: (1) serious weaknesses in DOD information security continue to provide both hackers and hundreds of thousa...
Information Security Risk Assessment: Practices of Leading Organizations (Exposure Draft)
AIMD-99-139: Published: Aug 1, 1999. Publicly Released: Aug 1, 1999.
GAO published a guide to aid federal managers in implementing an ongoing information security risk assessment process. GAO provided case studies of practical risk assessment procedures that have been successfully adopted by four organizations known for their efforts to implement good risk assessment practices...
USDA Information Security: Weaknesses at National Finance Center Increase Risk of Fraud, Misuse, and Improper Disclosure
AIMD-99-227: Published: Jul 30, 1999. Publicly Released: Jul 30, 1999.
Pursuant to a legislative requirement, GAO provided information on the quality of the Department of Agriculture's (USDA) information security at its National Finance Center (NFC).GAO noted that: (1) serious access control weaknesses affected NFC's ability to prevent or detect unauthorized changes to payroll and other payment data or computer software, control electronic access to Thrift Savings Pr...
Information Security: Recent Attacks on Federal Web Sites Underscore Need for Stronger Information Security Management
T-AIMD-99-223: Published: Jun 24, 1999. Publicly Released: Jun 24, 1999.
Pursuant to a congressional request, GAO discussed the recent break-ins of federal web sites.GAO noted that: (1) the recent series of attacks on federal web sites have primarily focused on defacing, or vandalizing web site content or initiating denial of service attacks in order to crash servers; (2) fortunately, the consequences of recent attacks on federal web sites have been largely confined to...
VA Information Systems: The Austin Automation Center Has Made Progress in Improving Information System Controls
AIMD-99-161: Published: Jun 8, 1999. Publicly Released: Jun 8, 1999.
Pursuant to a legislative requirement, GAO assessed the effectiveness of information system general controls at the Department of Veterans Affairs' (VA) Austin Automation Center (AAC).GAO noted that: (1) AAC had made substantial progress in correcting specific computer security weaknesses that GAO identified in its previous evaluation of information system controls; (2) AAC had established a solid...
Information Security: Many NASA Missions-Critical Systems Face Serious Risks
AIMD-99-47: Published: May 20, 1999. Publicly Released: May 20, 1999.
Pursuant to a congressional request, GAO provided information on the National Aeronautics and Space Administration's (NASA) information security program, focusing on: (1) whether NASA's mission-critical information systems are vulnerable to unauthorized access; (2) whether NASA is effectively managing information systems security; and (3) what NASA is doing to address the risk of unauthorized acce...
Information Security: The Melissa Computer Virus Demonstrates Urgent Need for Stronger Protection Over Systems and Sensitive Data
T-AIMD-99-146: Published: Apr 15, 1999. Publicly Released: Apr 15, 1999.
Pursuant to a congressional request, GAO discussed: (1) the immediate effects of the Melissa virus and variations of it as well as its broader implications for the federal government; and (2) critical measures that should be taken to ensure that federal departments and agencies are better prepared for future viruses and other forms of attack.GAO noted that: (1) Melissa is a macro virus that can af...
Information Security: Serious Weaknesses Place Critical Federal Operations and Assets at Risk
AIMD-98-92: Published: Sep 23, 1998. Publicly Released: Sep 23, 1998.
Pursuant to a congressional request, GAO reviewed: (1) the effectiveness of federal information security practices based on recently issued audit reports; (2) efforts to centrally oversee and manage federal information security; and (3) actions taken by the Office of Management and Budget (OMB) and the federal Chief Information Officers (CIO) Council to address federal information security problem...
Information Security: Strengthened Management Needed to Protect Critical Federal Operations and Assets
T-AIMD-98-312: Published: Sep 23, 1998. Publicly Released: Sep 23, 1998.
GAO discussed the state of information security in the federal government, focusing on the Department of Veterans Affairs' (VA) and the Social Security Administration's (SSA) efforts to develop and maintain an effective security management program.GAO noted that: (1) as the importance of computer security has increased, so have the rigor and frequency of federal audits in this area; (2) during the...