Information technology (61 - 70 of 70 items)
Information Security: Continued Action Needed to Improve Software Patch Management
GAO-04-706: Published: Jun 2, 2004. Publicly Released: Jun 2, 2004.
Flaws in software code can introduce vulnerabilities that may be exploited to cause significant damage to federal information systems. Such risks continue to grow with the increasing speed, sophistication, and volume of reported attacks, as well as the decreasing period of the time from vulnerability announcement to attempted exploits. The process of applying software patches to fix flaws, referre...
Information Security: Information System Controls at the Federal Deposit Insurance Corporation
GAO-04-630: Published: May 28, 2004. Publicly Released: May 28, 2004.
Effective controls over information systems are essential to ensuring the protection of financial and personnel information and the security and reliability of bank examination data maintained by the Federal Deposit Insurance Corporation (FDIC). As part of our calendar year 2003 financial statement audits of three FDIC Funds, GAO assessed the effectiveness of the corporation's general controls on...
Information Security: Continued Efforts Needed to Sustain Progress in Implementing Statutory Requirements
GAO-04-483T: Published: Mar 16, 2004. Publicly Released: Mar 16, 2004.
For many years, GAO has reported on the widespread negative impact of poor information security within federal agencies and has identified it as a governmentwide high-risk issue since 1997. Legislation designed to improve information security was enacted in October 2000. It was strengthened in December 2002 by new legislation, the Federal Information Security Management Act of 2002 (FISMA), which...
Information Security: Technologies to Secure Federal Systems
GAO-04-467: Published: Mar 9, 2004. Publicly Released: Mar 16, 2004.
Federal agencies rely extensively on computerized information systems and electronic data to carry out their missions. The security of these systems and date is essential to preventing data tampering, disruptions in critical operations, fraud, and inappropriate disclosure of sensitive information. Congress and the executive branch have taken actions to address this challenge, such as enacting and...
Information Security: Continued Efforts Needed to Fully Implement Statutory Requirements
GAO-03-852T: Published: Jun 24, 2003. Publicly Released: Jun 24, 2003.
Since 1996, GAO has reported that poor information security in the federal government is a widespread problem with potentially devastating consequences. Further, GAO has identified information security as a governmentwide high-risk issue in reports to the Congress since 1997--most recently in January 2003. To strengthen information security practices throughout the federal government, information...
Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures
GAO-03-564T: Published: Apr 8, 2003. Publicly Released: Apr 8, 2003.
Protecting the computer systems that support federal agencies' operations and our nation's critical infrastructures--such as power distribution, telecommunications, water supply, and national defense--is a continuing concern. These concerns are well-founded for a number of reasons, including the dramatic increases in reported computer security incidents, the ease of obtaining and using hacking too...
Information Security: Subcommittee Post-Hearing Questions Concerning the Additional Actions Needed to Implement Reform Legislation
GAO-02-649R: Published: Apr 16, 2002. Publicly Released: Apr 16, 2002.
This report reviews efforts by the Office of Management and Budget (OMB), 24 of the largest federal agencies, and the agencies' inspectors general to implement requirements set forth as part of the National Defense Authorization Act for Fiscal Year 2001. GAO discusses (1) OMB's assessment of the top six security weaknesses within federal agencies, (2) information security weaknesses in federal inf...
Information Security: Weaknesses Place Commerce Data and Operations at Serious Risk
GAO-01-1004T: Published: Aug 3, 2001. Publicly Released: Aug 3, 2001.
This testimony discusses information security controls over computer systems at the Department of Commerce. Dramatic increases in computer interconnectivity, especially in the use of the Internet, are revolutionizing the way the government, the nation, and much of the world communicate and conduct business. However, this widespread interconnectivity also poses significant risks to the nation's com...
Information Security: Vulnerabilities in DOE's Systems for Unclassified Civilian Research
AIMD-00-140: Published: Jun 9, 2000. Publicly Released: Jun 30, 2000.
Pursuant to a congressional request, GAO reviewed the security of the Department of Energy's (DOE) unclassified information systems that support its civilian research programs, focusing on: (1) whether DOE's unclassified systems for civilian research are vulnerable to unauthorized access; (2) whether DOE is effectively managing information systems security; and (3) what DOE is doing to address the...
Management Agenda for the Presidential and Congressional Transition: Strengthen Cybersecurity Over Sensitive Data and Protect Critical Infrastructure
D15087: Nov 10, 2016
GAO’s Management Agenda is a streamlined tool for new leaders to quickly learn about critical management challenges and risks facing the federal government and the actions needed to address those challenges. Eight management challenges are highlighted in the Management Agenda:Manage Finances to Improve the Nation’s Fiscal ConditionManage Acquisitions to Maximize Cost Savings and PerformanceDev...