Internal controls (61 - 70 of 202 items)
Information Security: TVA Needs to Address Weaknesses in Control Systems and Networks
GAO-08-526: Published: May 21, 2008. Publicly Released: May 21, 2008.
Securing the control systems that regulate the nation's critical infrastructures is vital to ensuring our economic security and public health and safety. The Tennessee Valley Authority (TVA), a federal corporation and the nation's largest public power company, generates and distributes power in an area of about 80,000 square miles in the southeastern United States. GAO was asked to determine wheth...
Information Security: TVA Needs to Enhance Security of Critical Infrastructure Control Systems and Networks
GAO-08-775T: Published: May 21, 2008. Publicly Released: May 21, 2008.
The control systems that regulate the nation's critical infrastructures face risks of cyber threats, system vulnerabilities, and potential attacks. Securing these systems is therefore vital to ensuring national security, economic well-being, and public health and safety. While most critical infrastructures are privately owned, the Tennessee Valley Authority (TVA), a federal corporation and the nat...
Information Security: Although Progress Reported, Federal Agencies Need to Resolve Significant Deficiencies
GAO-08-496T: Published: Feb 14, 2008. Publicly Released: Feb 14, 2008.
Information security is especially important for federal agencies, where the public's trust is essential and poor information security can have devastating consequences. Since 1997, GAO has identified information security as a governmentwide high-risk issue in each of its biennial reports to the Congress. Concerned by reports of significant weaknesses in federal computer systems, Congress passed t...
Information Security: IRS Needs to Address Pervasive Weaknesses
GAO-08-211: Published: Jan 8, 2008. Publicly Released: Jan 8, 2008.
The Internal Revenue Service (IRS) relies extensively on computerized systems to carry out its demanding responsibilities to collect taxes (about $2.7 trillion in fiscal year 2007), process tax returns, and enforce the nation's tax laws. Effective information security controls are essential to ensuring that financial and taxpayer information is adequately protected from inadvertent or deliberate m...
Information Security: Selected Departments Need to Address Challenges in Implementing Statutory Requirements
GAO-07-528: Published: Aug 31, 2007. Publicly Released: Oct 1, 2007.
The Federal Information Security Management Act of 2002 (FISMA) strengthened security requirements by, among other things, requiring federal agencies to establish programs to provide cost-effective security for information and information systems. In overseeing FISMA implementation, the Office of Management and Budget (OMB) has established supporting processes and reporting requirements. However,...
Information Security: Sustained Management Commitment and Oversight Are Vital to Resolving Long-standing Weaknesses at the Department of Veterans Affairs
GAO-07-1019: Published: Sep 7, 2007. Publicly Released: Sep 19, 2007.
In May 2006, the Department of Veterans Affairs (VA) announced that computer equipment containing personal information on approximately 26.5 million veterans and active duty military personnel had been stolen. Given the importance of information technology (IT) to VA's mission, effective information security controls are critical to maintaining public and veteran confidence in its ability to prote...
Information Security: Homeland Security Needs to Immediately Address Significant Weaknesses in Systems Supporting the US-VISIT Program
GAO-07-870: Published: Jul 13, 2007. Publicly Released: Aug 2, 2007.
Intended to enhance the security of U.S. citizens and visitors, United States Visitor and Immigrant Status Indicator Technology (US-VISIT) program encompasses the pre-entry, entry, status management, and exit of foreign national travelers who enter and leave the United States at 285 air, sea, and land ports of entry. GAO was asked to determine whether Department of Homeland Security (DHS) has impl...
Information Security: Despite Reported Progress, Federal Agencies Need to Address Persistent Weaknesses
GAO-07-837: Published: Jul 27, 2007. Publicly Released: Jul 27, 2007.
For many years, GAO has reported that weaknesses in information security are a widespread problem with potentially devastating consequences--such as intrusions by malicious users, compromised networks, and the theft of personally identifiable information--and has identified information security as a governmentwide high-risk issue. Concerned by reports of significant vulnerabilities in federal comp...
Information Security: Homeland Security Needs to Enhance Effectiveness of Its Program
GAO-07-1003T: Published: Jun 20, 2007. Publicly Released: Jun 20, 2007.
To protect and mitigate threats and attacks against the United States, 22 federal agencies and organizations were merged to form the Department of Homeland Security (DHS) in 2002. One of the department's components, U.S. Customs and Border Protection (CBP), is responsible for securing the nation's borders. DHS and CBP rely on a variety of computerized information systems to support their operation...
Bureau of the Public Debt: Areas for Improvement in Information Security Controls
GAO-07-899R: Published: Jun 14, 2007. Publicly Released: Jun 14, 2007.
In connection with fulfilling our requirement to audit the financial statements of the U.S. government, we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2006 and 2005. As part of these audits, we performed a review of the general and application information security controls over key BPD financial syste...