Information systems (1 - 3 of 3 items) in Past Year
Information Security: FDA Needs to Rectify Control Weaknesses That Place Industry and Public Health Data at Risk
GAO-16-513: Published: Aug 30, 2016. Publicly Released: Sep 29, 2016.
Although the Food and Drug Administration (FDA), an agency of the Department of Health and Human Services (HHS), has taken steps to safeguard the seven systems GAO reviewed, a significant number of security control weaknesses jeopardize the confidentiality, integrity, and availability of its information and systems. The agency did not fully or consistently implement access controls, which are inte...
Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems
GAO-16-501: Published: May 18, 2016. Publicly Released: Jun 21, 2016.
In GAO's survey of 24 federal agencies, the 18 agencies having high-impact systems identified cyber attacks from “nations” as the most serious and most frequently-occurring threat to the security of their systems. These agencies also noted that attacks delivered through e-mail were the most serious and frequent. During fiscal year 2014, 11 of the 18 agencies reported 2,267 incidents affecting...
Information Security: Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
GAO-16-493: Published: Apr 28, 2016. Publicly Released: Apr 28, 2016.
The Securities and Exchange Commission (SEC) improved its information security by addressing weaknesses previously identified by GAO, including separating the user production network from the internal management network. However, weaknesses continue to limit the effectiveness of other security controls. In particular:While SEC had issued policies and implemented controls based on those policies, i...