Homeland security (1 - 10 of 24 items)
Federal Information Security: Mixed Progress in Implementing Program Components; Improved Metrics Needed to Measure Effectiveness
GAO-13-776: Published: Sep 26, 2013. Publicly Released: Sep 26, 2013.
In fiscal year 2012, 24 major federal agencies had established many of the components of an information security program required by The Federal Information Security Management Act of 2002 (FISMA); however, they had partially established others. FISMA requires each federal agency to establish an information security program that incorporates eight key components, and each agency inspector general...
Information Security: Department of Homeland Security Needs to Fully Implement Its Security Program
GAO-05-700: Published: Jun 17, 2005. Publicly Released: Jul 8, 2005.
The Homeland Security Act of 2002 mandated the merging of 22 federal agencies and organizations to create the Department of Homeland Security (DHS), whose mission, in part, is to protect our homeland from threats and attacks. DHS relies on a variety of computerized information systems to support its operations. GAO was asked to review DHS's information security program. In response, GAO determined...
Information Security: Radio Frequency Identification Technology in the Federal Government
GAO-05-551: Published: May 27, 2005. Publicly Released: May 27, 2005.
Radio frequency identification (RFID) is an automated data-capture technology that can be used to electronically identify, track, and store information contained on a tag that is attached to or embedded in an object, such as a product, case, or pallet. Federal agencies have begun implementation of RFID technology, which offers them new capabilities and efficiencies in operations. The reduced cost...
Information Security: Department of Homeland Security Faces Challenges in Fulfilling Statutory Requirements
GAO-05-567T: Published: Apr 14, 2005. Publicly Released: Apr 14, 2005.
For many years, GAO has reported that poor information security is a widespread problem that has potentially devastating consequences. Accordingly, since 1997, GAO has identified information security as a governmentwide high-risk issue in reports to Congress--most recently in January 2005. Concerned with accounts of attacks on commercial systems via the Internet and reports of significant weakness...
Information Security: Challenges in Using Biometrics
GAO-03-1137T: Published: Sep 9, 2003. Publicly Released: Sep 9, 2003.
One of the primary functions of any security system is the control of people into or out of protected areas, such as physical buildings, information systems, and our national border. Technologies called biometrics can automate the identification of people by one or more of their distinct physical or behavioral characteristics. The term biometrics covers a wide range of technologies that can be use...
Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures
GAO-03-564T: Published: Apr 8, 2003. Publicly Released: Apr 8, 2003.
Protecting the computer systems that support federal agencies' operations and our nation's critical infrastructures--such as power distribution, telecommunications, water supply, and national defense--is a continuing concern. These concerns are well-founded for a number of reasons, including the dramatic increases in reported computer security incidents, the ease of obtaining and using hacking too...
High-Risk Series: Protecting Information Systems Supporting the Federal Government and the Nation's Critical Infrastructures
GAO-03-121: Published: Jan 1, 2003. Publicly Released: Jan 1, 2003.
Since GAO designated computer security in the federal government as high risk in 1997, evidence of pervasive weaknesses has been continuing. Also, related risks have been escalating, in part because of the dramatic increases in computer interconnectivity and increasing dependence on computers to support critical operations and infrastructures, such as power distribution, water supply, national def...
Critical Infrastructure Protection: Federal Efforts Require a More Coordinated and Comprehensive Approach for Protecting Information Systems
GAO-02-474: Published: Jul 15, 2002. Publicly Released: Jul 15, 2002.
Critical infrastructure protection (CIP) involves activities that enhance the security of the nation's cyber and physical public and private infrastructures that are essential to national security, economic activity, and public health and safety. At least 50 federal organizations within 13 major departments and agencies mentioned in Presidential Decision Directive 63 are involved in CIP activities...
Critical Infrastructure Protection: Significant Challenges in Developing Analysis, Warning, and Response Capabilities
GAO-01-1005T: Published: Jul 25, 2001. Publicly Released: Jul 25, 2001.
The National Infrastructure Protection Center (NIPC) is an important element of the U.S.' strategy to protect the nation's infrastructures from hostile attacks, especially computer-based attacks. This testimony discusses the key findings of a GAO report on NIPC's progress in developing national capabilities for analyzing cyber threats and vulnerability data and issuing warnings, enhancing its capa...
Computer Security: Weaknesses Continue to Place Critical Federal Operations and Assets at Risk
GAO-01-600T: Published: Apr 5, 2001. Publicly Released: Apr 5, 2001.
This testimony discusses GAO's analysis of security audits at federal agencies. The widespread interconnectivity of computers poses significant risks to federal computer systems and the operations and the infrastructures they support. GAO's evaluations show that federal computer systems are riddled with weaknesses that continue to put critical operations and assets at risk. GAO found weaknesses in...