Confidential communication (61 - 70 of 83 items)
Computer Security Weaknesses at the Department of Justice
T-IMTEC-91-15: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.
GAO discussed computer security weaknesses in the Department of Justice's (DOJ) computer systems that store highly sensitive law enforcement information. GAO noted that DOJ: (1) security weaknesses have life-and-death implications for such individuals as witnesses, informants, and law enforcement officials whose identities could be disclosed because of inadequate controls; (2) did not develop secu...
Serious Questions Remain About Justice's Management of ADP and Computer Security
T-IMTEC-91-17: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.
GAO discussed the Department of Justice's (DOJ) management of its automatic data processing (ADP) resources and its computer security. GAO noted that: (1) the actions DOJ took to address ADP management shortcomings have mainly been organizational and structural and may be insufficient to solve the pervasive problems in DOJ information resources management (IRM); (2) DOJ lacks a system that can acc...
OSS-11.1.4: Published: Apr 1, 1991. Publicly Released: Apr 1, 1991.
GAO provided a publication to: (1) introduce employees to the GAO Security Manual; and (2) acquaint employees with their security responsibilities and the manual's requirements...
Justice's Weak ADP Security Compromises Sensitive Data
T-IMTEC-91-6: Published: Mar 21, 1991. Publicly Released: Mar 21, 1991.
GAO discussed the Department of Justice's (DOJ): (1) recent sale of surplus computer equipment that was later found to have highly sensitive data; and (2) continuing exposure to similar breaches of security. GAO noted that DOJ: (1) showed patterns of neglect and inattention in ensuring information security nationwide; (2) was unable to provide it with such basic factual information as the total nu...
Computers and Privacy: How the Government Obtains, Verifies, Uses, and Protects Personal Data
IMTEC-90-70BR: Published: Aug 3, 1990. Publicly Released: Aug 31, 1990.
Pursuant to a congressional request, GAO presented information on: (1) how federal agencies obtain, verify, use, and protect personal data; (2) how individuals are made aware of information collected about them; (3) what telecommunications and network facilities agencies' systems use to transmit data; and (4) what effect new technologies have on the sharing of personal data.GAO found that: (1) age...
Justice Automation: Tighter Computer Security Needed
IMTEC-90-69: Published: Jul 30, 1990. Publicly Released: Aug 23, 1990.
Pursuant to a congressional request, GAO reviewed the Department of Justice's (DOJ) computer security program, focusing on compliance with the Computer Security Act of 1987 and other applicable laws and regulations.GAO found that: (1) DOJ computer security program weaknesses posed significant risks to the integrity of its computer systems and sensitive information within its organizations; (2) wea...
Computer Security: Governmentwide Planning Process Had Limited Impact
IMTEC-90-48: Published: May 10, 1990. Publicly Released: May 10, 1990.
Pursuant to a congressional request, GAO reviewed the governmentwide computer security planning and review process that the Computer Security Act of 1987 required, focusing on: (1) 10 civilian agencies' planning processes and implementation of planned controls in 22 selected plans; and (2) the National Institute of Standards and Technology's (NIST) and the National Security Agency's (NSA) review o...
Computer Security: Unauthorized Access to a NASA Scientific Network
IMTEC-90-2: Published: Nov 13, 1989. Publicly Released: Dec 18, 1989.
Pursuant to a congressional request, GAO reviewed the National Aeronautics and Space Administration's (NASA) Space Physics Analysis Network (SPAN), focusing on: (1) SPAN characteristics; (2) instances of unauthorized use of the SPAN system; and (3) steps NASA took to minimize unauthorized SPAN use.GAO found that: (1) SPAN was a worldwide computer network that the scientific community used to condu...
Computer Security: Identification of Sensitive Systems Operated on Behalf of Ten Agencies
IMTEC-89-70: Published: Sep 27, 1989. Publicly Released: Sep 27, 1989.
Pursuant to a congressional request, GAO provided information on 10 federal agencies' identification of sensitive computer systems operated by contractors, states, and other organizations.GAO found that: (1) 9 agencies reported in November 1988 a total of 812 sensitive computer systems operated by contractors or other organizations and none operated by states; (2) the Environmental Protection Agen...
Computer Security: Compliance With Security Plan Requirements of the Computer Security Act
IMTEC-89-55: Published: Jun 21, 1989. Publicly Released: Jun 21, 1989.
Pursuant to a congressional request, GAO determined federal agencies' compliance with a legislative requirement to submit security plans for their computers containing sensitive information to the National Institute of Standards and Technology and the National Security Agency.GAO found that: (1) the Computer Security Act of 1987 required agencies to establish and submit their computer security pla...