Risk management (71 - 80 of 81 items)
Information Security: Federal Deposit Insurance Corporation Needs to Sustain Progress
GAO-05-486: Published: May 19, 2005. Publicly Released: May 19, 2005.
The Federal Deposit Insurance Corporation (FDIC) relies extensively on computerized systems to support its financial and mission-related operations. As part of GAO's audit of the calendar year 2004 financial statements for the three funds administered by FDIC, GAO assessed (1) the progress FDIC has made in correcting or mitigating information system control weaknesses identified in our audits for...
Information Security: Securities and Exchange Commission Needs to Address Weak Controls over Financial and Sensitive Data
GAO-05-262: Published: Mar 23, 2005. Publicly Released: Mar 23, 2005.
The Securities and Exchange Commission (SEC) relies extensively on computerized systems to support its financial and mission-related operations. As part of the audit of SEC's fiscal year 2004 financial statements, GAO assessed the effectiveness of the commission's information system controls in protecting the integrity, confidentiality, and availability of its financial and sensitive information.S...
Financial Market Preparedness: Improvements Made, but More Action Needed to Prepare for Wide-Scale Disasters
GAO-04-984: Published: Sep 27, 2004. Publicly Released: Oct 27, 2004.
In February 2003 reports, GAO identified actions needed to better prepare critical financial market participants for wide-scale disasters, such as terrorist attacks. To determine progress made since then, GAO assessed (1) actions that critical securities market organizations took to improve their ability to prevent and recover from disruptions, (2) actions that financial market and telecommunicati...
Information Security: Computer Controls over Key Treasury Internet Payment System
GAO-03-837: Published: Jul 30, 2003. Publicly Released: Jul 30, 2003.
"Pay.gov" is an Internet portal sponsored and managed by the Department of the Treasury's Financial Management Service (FMS) and operated at three Federal Reserve facilities. Pay.gov is intended to allow the public to make certain non-income-tax-payments to the federal government securely over the Internet. FMS estimates that Pay.gov eventually could annually process 80 million transactions valued...
Computer Security: Progress Made, But Critical Federal Operations and Assets Remain at Risk
GAO-03-303T: Published: Nov 19, 2002. Publicly Released: Nov 19, 2002.
Protecting the computer systems that support our critical operations and infrastructures has never been more important because of the concern about attacks from individuals and groups with malicious intent, including terrorism. These concerns are well founded for a number of reasons, including the dramatic increases in reported computer security incidents, the ease of obtaining and using hacking t...
Critical Infrastructure Protection: Significant Challenges in Protecting Federal Systems and Developing Analysis and Warning Capabilities
GAO-01-1132T: Published: Sep 12, 2001. Publicly Released: Sep 12, 2001.
Federal computer systems are riddled with weaknesses that continue to put critical operations and assets at risk. New information security provisions introduced by Congress will be a major catalyst for federal agencies to improve their security program management. To help maintain the momentum that the new information security reform provisions have generated, federal agencies must act quickly to...
Information Security Risk Assessment: Practices of Leading Organizations
AIMD-00-33: Published: Nov 1, 1999. Publicly Released: Nov 1, 1999.
This document is a supplement to GAO's May 1998 executive guide on information security management. It is intended to help federal managers implement an ongoing information security risk assessment process by providing examples, or case studies, of practical risk assessment procedures that have been successfully adopted by four organizations known for their efforts to implement good risk assessmen...
Information Security Risk Assessment: Practices of Leading Organizations (Exposure Draft)
AIMD-99-139: Published: Aug 1, 1999. Publicly Released: Aug 1, 1999.
GAO published a guide to aid federal managers in implementing an ongoing information security risk assessment process. GAO provided case studies of practical risk assessment procedures that have been successfully adopted by four organizations known for their efforts to implement good risk assessment practices...
Social Security Administration: Responses to Subcommittee Questions About the On-line PEBES Service
AIMD-97-121R: Published: Jun 20, 1997. Publicly Released: Jun 20, 1997.
Pursuant to a congressional request, GAO provided answers to questions relating to its May 6, 1997, testimony on the Social Security Administration's (SSA) use of the Internet to provide Personal Earnings and Benefit Estimate Statements (PEBES) to individuals.GAO noted that: (1) discussion should include a focus on system security for the following reasons; (a) there have been recent problems in i...
High-Risk Areas: Benefits to Be Gained by Continued Emphasis on Addressing High-Risk Areas
T-AIMD-97-54: Published: Mar 4, 1997. Publicly Released: Mar 4, 1997.
Pursuant to a congressional request, GAO discussed major government programs and operations GAO has identified as high-risk areas, focusing on high-risk areas related to the Internal Revenue Service (IRS) and the Medicare and Supplemental Security Income (SSI) programs.GAO noted that: (1) overall, legislative and agency actions have resulted in progress toward fixing these high-risk areas and esta...