Confidential communication (21 - 26 of 26 items)
Executive Guide: Information Security Management--Learning From Leading Organizations (Supersedes AIMD-98-21)
AIMD-98-68: Published: May 1, 1998. Publicly Released: May 1, 1998.
This publication supersedes AIMD-98-21, Executive Guide: Information Security Management--Learning From Leading Organizations, May 1998. GAO published a guide to assist federal agencies in establishing a management framework for exploring and reducing the information security risks associated with their operations...
Executive Guide: Information Security Management: Learning From Leading Organizations (Exposure Draft) (Superseded by AIMD-98-68)(Superseded by AIMD-00-21.2.8)
AIMD-98-21: Published: Nov 1, 1997. Publicly Released: Nov 1, 1997.
This publication has been superseded by AIMD-00-21.2.8, Travel System Requirements: Checklist for Reviewing Systems Under the Federal Financial Management Improvement Act of 1996, December 1999. This publication has been superseded by AIMD-98-68, Executive Guide: Information Security Management--Learning From Leading Organizations, March 1998. GAO published a guide to assist federal agencies in es...
Information Security: Computer Attacks at Department of Defense Pose Increasing Risks
T-AIMD-96-92: Published: May 22, 1996. Publicly Released: May 22, 1996.
GAO discussed information security procedures at the Department of Defense (DOD). GAO noted that: (1) as many as 250,000 DOD computer systems were attacked in 1995; (2) hackers successfully penetrate DOD computer systems 65 percent of the time; (3) hackers attack DOD computer systems to steal and destroy sensitive data and install reentry devices; (4) these attacks cost the government over half a...
GSA's Computer Security Guidance
AIMD-93-7R: Published: Jul 19, 1993. Publicly Released: Aug 17, 1993.
Pursuant to a congressional request, GAO reviewed Federal Information Resources Management Regulation (FIRMR) Bulletin C-22, which provides guidance to federal agencies on the security and privacy protection of federal computer resources. GAO noted that the guidance: (1) is intended for general use by federal agencies; (2) does not address the various types of sensitive information disclosure; and...
Computer Security: DEA Is Not Adequately Protecting Sensitive Drug Enforcement Data
IMTEC-92-83: Published: Sep 22, 1992. Publicly Released: Sep 30, 1992.
Pursuant to a congressional request, GAO assessed the adequacy of the Drug Enforcement Administration's (DEA) computer security, focusing on: (1) DEA compliance with laws and requirements for protecting sensitive computer information; and (2) Department of Justice (DOJ) oversight of DEA compliance with computer security requirements.GAO found that: (1) DEA has not identified all of its computer sy...
Serious Questions Remain About Justice's Management of ADP and Computer Security
T-IMTEC-91-17: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.
GAO discussed the Department of Justice's (DOJ) management of its automatic data processing (ADP) resources and its computer security. GAO noted that: (1) the actions DOJ took to address ADP management shortcomings have mainly been organizational and structural and may be insufficient to solve the pervasive problems in DOJ information resources management (IRM); (2) DOJ lacks a system that can acc...