Information systems (71 - 80 of 193 items)
Federal Reserve Banks: Areas for Improvement in Information Security Controls
GAO-08-836R: Published: Jun 16, 2008. Publicly Released: Jun 16, 2008.
In connection with fulfilling our requirement to audit the financial statements of the U.S. government, we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2007 and 2006. As part of these audits, we performed a review of the general and application information security controls over key financial systems m...
Information Security: FDIC Sustains Progress but Needs to Improve Configuration Management of Key Financial Systems
GAO-08-564: Published: May 30, 2008. Publicly Released: May 30, 2008.
The Federal Deposit Insurance Corporation (FDIC) has a demanding responsibility enforcing banking laws, regulating financial institutions, and protecting depositors. Effective information security controls are essential to ensure that FDIC systems and information are adequately protected from inadvertent misuse, fraudulent, or improper disclosure. As part of its audit of FDIC's 2007 financial stat...
Information Security: TVA Needs to Address Weaknesses in Control Systems and Networks
GAO-08-526: Published: May 21, 2008. Publicly Released: May 21, 2008.
Securing the control systems that regulate the nation's critical infrastructures is vital to ensuring our economic security and public health and safety. The Tennessee Valley Authority (TVA), a federal corporation and the nation's largest public power company, generates and distributes power in an area of about 80,000 square miles in the southeastern United States. GAO was asked to determine wheth...
Information Security: TVA Needs to Enhance Security of Critical Infrastructure Control Systems and Networks
GAO-08-775T: Published: May 21, 2008. Publicly Released: May 21, 2008.
The control systems that regulate the nation's critical infrastructures face risks of cyber threats, system vulnerabilities, and potential attacks. Securing these systems is therefore vital to ensuring national security, economic well-being, and public health and safety. While most critical infrastructures are privately owned, the Tennessee Valley Authority (TVA), a federal corporation and the nat...
Information Security: Progress Reported, but Weaknesses at Federal Agencies Persist
GAO-08-571T: Published: Mar 12, 2008. Publicly Released: Mar 12, 2008.
Information security is especially important for federal agencies, where the public's trust is essential and poor information security can have devastating consequences. Since 1997, GAO has identified information security as a governmentwide high-risk issue in each of our biennial reports to Congress. Concerned by reports of significant weaknesses in federal computer systems, Congress passed the F...
Information Security: Securities and Exchange Commission Needs to Continue to Improve Its Program
GAO-08-280: Published: Feb 29, 2008. Publicly Released: Feb 29, 2008.
In carrying out its mission to ensure that securities markets are fair, orderly, and efficiently maintained, the Securities and Exchange Commission (SEC) relies extensively on computerized systems. Integrating effective information security controls into a layered control strategy is essential to ensure that SEC's financial and sensitive information are protected from inadvertent or deliberate mis...
Information Security: Protecting Personally Identifiable Information
GAO-08-343: Published: Jan 25, 2008. Publicly Released: Feb 22, 2008.
The loss of personally identifiable information can result in substantial harm, embarrassment, and inconvenience to individuals and may lead to identity theft or other fraudulent use of the information. As shown in prior GAO reports, compromises to such information and long-standing weaknesses in federal information security raise important questions about what steps federal agencies should take t...
Information Security: Selected Departments Need to Address Challenges in Implementing Statutory Requirements
GAO-07-528: Published: Aug 31, 2007. Publicly Released: Oct 1, 2007.
The Federal Information Security Management Act of 2002 (FISMA) strengthened security requirements by, among other things, requiring federal agencies to establish programs to provide cost-effective security for information and information systems. In overseeing FISMA implementation, the Office of Management and Budget (OMB) has established supporting processes and reporting requirements. However,...
Veterans Affairs: Sustained Management Commitment and Oversight Are Essential to Completing Information Technology Realignment and Strengthening Information Security
GAO-07-1264T: Published: Sep 26, 2007. Publicly Released: Sep 26, 2007.
The Department of Veterans Affairs (VA) has encountered numerous challenges in managing its information technology (IT) and securing its information systems. In October 2005, the department initiated a realignment of its IT program to provide greater authority and accountability over its resources. The May 2006 security incident highlighted the need for additional actions to secure personal inform...
Information Security: Homeland Security Needs to Immediately Address Significant Weaknesses in Systems Supporting the US-VISIT Program
GAO-07-870: Published: Jul 13, 2007. Publicly Released: Aug 2, 2007.
Intended to enhance the security of U.S. citizens and visitors, United States Visitor and Immigrant Status Indicator Technology (US-VISIT) program encompasses the pre-entry, entry, status management, and exit of foreign national travelers who enter and leave the United States at 285 air, sea, and land ports of entry. GAO was asked to determine whether Department of Homeland Security (DHS) has impl...