Information systems (111 - 120 of 193 items)
Information Security: Effective Patch Management is Critical to Mitigating Software Vulnerabilities
GAO-03-1138T: Published: Sep 10, 2003. Publicly Released: Sep 10, 2003.
Attacks on computer systems--in government and the private sector--are increasing at an alarming rate, placing both federal and private-sector operations and assets at considerable risk. By exploiting software vulnerabilities, hackers can cause significant damage. While patches, or software fixes, for these vulnerabilities are often well publicized and available, they are frequently not quickly or...
Information Security: Computer Controls over Key Treasury Internet Payment System
GAO-03-837: Published: Jul 30, 2003. Publicly Released: Jul 30, 2003.
"Pay.gov" is an Internet portal sponsored and managed by the Department of the Treasury's Financial Management Service (FMS) and operated at three Federal Reserve facilities. Pay.gov is intended to allow the public to make certain non-income-tax-payments to the federal government securely over the Internet. FMS estimates that Pay.gov eventually could annually process 80 million transactions valued...
Information Security: Further Efforts Needed to Fully Implement Statutory Requirements in DOD
GAO-03-1037T: Published: Jul 24, 2003. Publicly Released: Jul 24, 2003.
The Department of Defense (DOD) faces many risks in its use of globally networked computer systems to perform operational missions--such as identifying and tracking enemy targets--and daily management functions--such as paying soldiers and managing supplies. Weaknesses in these systems, if present, could give hackers and other unauthorized users the opportunity to modify, steal, inappropriately di...
Information Security: Continued Efforts Needed to Fully Implement Statutory Requirements
GAO-03-852T: Published: Jun 24, 2003. Publicly Released: Jun 24, 2003.
Since 1996, GAO has reported that poor information security in the federal government is a widespread problem with potentially devastating consequences. Further, GAO has identified information security as a governmentwide high-risk issue in reports to the Congress since 1997--most recently in January 2003. To strengthen information security practices throughout the federal government, information...
FDIC Information Security: Progress Made but Existing Weaknesses Place Data at Risk
GAO-03-630: Published: Jun 18, 2003. Publicly Released: Jun 18, 2003.
Effective controls over information systems are essential to ensuring the protection of financial and personnel information and the security and reliability of bank examination data maintained bythe Federal Deposit Insurance Corporation (FDIC). As part of GAO's 2002 financial statement audits of the three FDIC funds, we assessed (1) the corporation's progress in addressing computer security weakne...
Information Security: Progress Made, but Weaknesses at the Internal Revenue Service Continue to Pose Risks
GAO-03-44: Published: May 30, 2003. Publicly Released: May 30, 2003.
As part of its annual audits of IRS's financial statements, GAO assessed the effectiveness of information security controls at certain IRS facilities and over certain specific applications--controls meant to protect IRS's information systems and taxpayer data. Because the detailed reports that followed these reviews contained sensitive information and could be detrimental to the government if rele...
High-Risk Series: Protecting Information Systems Supporting the Federal Government and the Nation's Critical Infrastructures
GAO-03-121: Published: Jan 1, 2003. Publicly Released: Jan 1, 2003.
Since GAO designated computer security in the federal government as high risk in 1997, evidence of pervasive weaknesses has been continuing. Also, related risks have been escalating, in part because of the dramatic increases in computer interconnectivity and increasing dependence on computers to support critical operations and infrastructures, such as power distribution, water supply, national def...
FDIC Information Security: Improvements Made but Weaknesses Remain
GAO-02-689: Published: Jul 15, 2002. Publicly Released: Jul 15, 2002.
GAO reviewed information systems general controls in the calendar year 2001 financial statement audits of the Federal Deposit Insurance Corporation's (FDIC) Bank Insurance Fund, Savings Association Insurance Fund, and Federal Savings and Loan Insurance Corporation Resolution Fund. FDIC made progress in correcting information security weaknesses previously identified and has taken steps to improve...
Information Security: Corps of Engineers Making Improvements, But Weaknesses Continue
GAO-02-589: Published: Jun 10, 2002. Publicly Released: Jun 10, 2002.
GAO tested selected general and application controls of the Corps of Engineers Financial Management System (CEFMS). The Corps relies on CEFMS to perform key financial management functions supporting the Corps' military and civil works missions. The Corps has made substantial progress in improving computer controls at each of its data processing centers and other Corps sites. The Corps had complete...
Information Security: Comments on the Proposed Federal Information Security Management Act of 2002
GAO-02-677T: Published: May 2, 2002. Publicly Released: May 2, 2002.
The Federal Information Security Management Act of 2002 reauthorizes and expands the information security, evaluation, and reporting requirements enacted in the National Defense Authorization Act for Fiscal Year 2001. Concerned that pervasive information security weaknesses place federal operations at significant risk of disruption, tampering, fraud, and inappropriate disclosures of sensitive info...