Information technology (41 - 50 of 50 items)
Information Security: Continued Action Needed to Improve Software Patch Management
GAO-04-706: Published: Jun 2, 2004. Publicly Released: Jun 2, 2004.
Flaws in software code can introduce vulnerabilities that may be exploited to cause significant damage to federal information systems. Such risks continue to grow with the increasing speed, sophistication, and volume of reported attacks, as well as the decreasing period of the time from vulnerability announcement to attempted exploits. The process of applying software patches to fix flaws, referre...
Information Security: Information System Controls at the Federal Deposit Insurance Corporation
GAO-04-630: Published: May 28, 2004. Publicly Released: May 28, 2004.
Effective controls over information systems are essential to ensuring the protection of financial and personnel information and the security and reliability of bank examination data maintained by the Federal Deposit Insurance Corporation (FDIC). As part of our calendar year 2003 financial statement audits of three FDIC Funds, GAO assessed the effectiveness of the corporation's general controls on...
Information Security: Continued Efforts Needed to Sustain Progress in Implementing Statutory Requirements
GAO-04-483T: Published: Mar 16, 2004. Publicly Released: Mar 16, 2004.
For many years, GAO has reported on the widespread negative impact of poor information security within federal agencies and has identified it as a governmentwide high-risk issue since 1997. Legislation designed to improve information security was enacted in October 2000. It was strengthened in December 2002 by new legislation, the Federal Information Security Management Act of 2002 (FISMA), which...
Information Security: Technologies to Secure Federal Systems
GAO-04-467: Published: Mar 9, 2004. Publicly Released: Mar 16, 2004.
Federal agencies rely extensively on computerized information systems and electronic data to carry out their missions. The security of these systems and date is essential to preventing data tampering, disruptions in critical operations, fraud, and inappropriate disclosure of sensitive information. Congress and the executive branch have taken actions to address this challenge, such as enacting and...
Information Security: Continued Efforts Needed to Fully Implement Statutory Requirements
GAO-03-852T: Published: Jun 24, 2003. Publicly Released: Jun 24, 2003.
Since 1996, GAO has reported that poor information security in the federal government is a widespread problem with potentially devastating consequences. Further, GAO has identified information security as a governmentwide high-risk issue in reports to the Congress since 1997--most recently in January 2003. To strengthen information security practices throughout the federal government, information...
Information Security: Subcommittee Post-Hearing Questions Concerning the Additional Actions Needed to Implement Reform Legislation
GAO-02-649R: Published: Apr 16, 2002. Publicly Released: Apr 16, 2002.
This report reviews efforts by the Office of Management and Budget (OMB), 24 of the largest federal agencies, and the agencies' inspectors general to implement requirements set forth as part of the National Defense Authorization Act for Fiscal Year 2001. GAO discusses (1) OMB's assessment of the top six security weaknesses within federal agencies, (2) information security weaknesses in federal inf...
Education Information Security: Improvements Made But Control Weaknesses Remain
GAO-01-1067: Published: Sep 12, 2001. Publicly Released: Sep 12, 2001.
The Department of Education relies heavily on the central automated processing system (EDCAPS) to support its core financial management information functions, including general ledger and funds management, grant planning and payment processing, and purchasing and contract management. Education's Inspector General (IG) has reported serious information system control weaknesses in this system. These...
Information Security: Weaknesses Place Commerce Data and Operations at Serious Risk
GAO-01-1004T: Published: Aug 3, 2001. Publicly Released: Aug 3, 2001.
This testimony discusses information security controls over computer systems at the Department of Commerce. Dramatic increases in computer interconnectivity, especially in the use of the Internet, are revolutionizing the way the government, the nation, and much of the world communicate and conduct business. However, this widespread interconnectivity also poses significant risks to the nation's com...
The Need for a Better Trained EDP Auditor
117740: Jan 1, 1982
The demand for electronic data processing auditors is discussed in this article, which appeared in the GAO Review, Vol. 17, Issue 1, Winter 1982, as well as the skills needed in training a capable informations systems auditor...
Management Agenda for the Presidential and Congressional Transition: Strengthen Cybersecurity Over Sensitive Data and Protect Critical Infrastructure
D15087: Nov 10, 2016
GAO’s Management Agenda is a streamlined tool for new leaders to quickly learn about critical management challenges and risks facing the federal government and the actions needed to address those challenges. Eight management challenges are highlighted in the Management Agenda:Manage Finances to Improve the Nation’s Fiscal ConditionManage Acquisitions to Maximize Cost Savings and PerformanceDev...