Information resources management (31 - 40 of 120 items)
Information Security: Improvements Needed in Treasury's Security Management Program
GAO-04-77: Published: Nov 14, 2003. Publicly Released: Nov 14, 2003.
The Department of the Treasury relies heavily on information systems--and on the public's trust in its work. Information security is therefore critical to Treasury operations. In support of its annual audit of the government's financial statements, GAO assessed the effectiveness of (1) Treasury's information security controls in protecting the confidentiality, integrity, and availability of the de...
Information Security: Challenges in Using Biometrics
GAO-03-1137T: Published: Sep 9, 2003. Publicly Released: Sep 9, 2003.
One of the primary functions of any security system is the control of people into or out of protected areas, such as physical buildings, information systems, and our national border. Technologies called biometrics can automate the identification of people by one or more of their distinct physical or behavioral characteristics. The term biometrics covers a wide range of technologies that can be use...
Information Security: Continued Efforts Needed to Fully Implement Statutory Requirements
GAO-03-852T: Published: Jun 24, 2003. Publicly Released: Jun 24, 2003.
Since 1996, GAO has reported that poor information security in the federal government is a widespread problem with potentially devastating consequences. Further, GAO has identified information security as a governmentwide high-risk issue in reports to the Congress since 1997--most recently in January 2003. To strengthen information security practices throughout the federal government, information...
FDIC Information Security: Progress Made but Existing Weaknesses Place Data at Risk
GAO-03-630: Published: Jun 18, 2003. Publicly Released: Jun 18, 2003.
Effective controls over information systems are essential to ensuring the protection of financial and personnel information and the security and reliability of bank examination data maintained bythe Federal Deposit Insurance Corporation (FDIC). As part of GAO's 2002 financial statement audits of the three FDIC funds, we assessed (1) the corporation's progress in addressing computer security weakne...
Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures
GAO-03-564T: Published: Apr 8, 2003. Publicly Released: Apr 8, 2003.
Protecting the computer systems that support federal agencies' operations and our nation's critical infrastructures--such as power distribution, telecommunications, water supply, and national defense--is a continuing concern. These concerns are well-founded for a number of reasons, including the dramatic increases in reported computer security incidents, the ease of obtaining and using hacking too...
High-Risk Series: Protecting Information Systems Supporting the Federal Government and the Nation's Critical Infrastructures
GAO-03-121: Published: Jan 1, 2003. Publicly Released: Jan 1, 2003.
Since GAO designated computer security in the federal government as high risk in 1997, evidence of pervasive weaknesses has been continuing. Also, related risks have been escalating, in part because of the dramatic increases in computer interconnectivity and increasing dependence on computers to support critical operations and infrastructures, such as power distribution, water supply, national def...
Critical Infrastructure Protection: Federal Efforts Require a More Coordinated and Comprehensive Approach for Protecting Information Systems
GAO-02-474: Published: Jul 15, 2002. Publicly Released: Jul 15, 2002.
Critical infrastructure protection (CIP) involves activities that enhance the security of the nation's cyber and physical public and private infrastructures that are essential to national security, economic activity, and public health and safety. At least 50 federal organizations within 13 major departments and agencies mentioned in Presidential Decision Directive 63 are involved in CIP activities...
Information Security: Additional Actions Needed to Fully Implement Reform Legislation
GAO-02-407: Published: May 2, 2002. Publicly Released: May 2, 2002.
In March, GAO testified on the federal government's fiscal-year implementation of legislative provisions for government information security reform. (See GAO-02-470T.) GAO reported that implementation of the reforms addresses serious, pervasive information security weaknesses. GAO also noted the Office of Management and Budget needs to (1) further guide agencies and encourage them to implement the...
Information Security: Comments on the Proposed Federal Information Security Management Act of 2002
GAO-02-677T: Published: May 2, 2002. Publicly Released: May 2, 2002.
The Federal Information Security Management Act of 2002 reauthorizes and expands the information security, evaluation, and reporting requirements enacted in the National Defense Authorization Act for Fiscal Year 2001. Concerned that pervasive information security weaknesses place federal operations at significant risk of disruption, tampering, fraud, and inappropriate disclosures of sensitive info...
Information Security: Subcommittee Post-Hearing Questions Concerning the Additional Actions Needed to Implement Reform Legislation
GAO-02-649R: Published: Apr 16, 2002. Publicly Released: Apr 16, 2002.
This report reviews efforts by the Office of Management and Budget (OMB), 24 of the largest federal agencies, and the agencies' inspectors general to implement requirements set forth as part of the National Defense Authorization Act for Fiscal Year 2001. GAO discusses (1) OMB's assessment of the top six security weaknesses within federal agencies, (2) information security weaknesses in federal inf...