Information technology (31 - 40 of 117 items)
Social Security Administration: Improved Planning and Performance Measures Are Needed to Help Ensure Successful Technology Modernization
GAO-12-495: Published: Apr 26, 2012. Publicly Released: May 9, 2012.
The Social Security Administration (SSA) has undertaken numerous modernization efforts, but it lacks effective measurement tools to determine progress. Since 2001, SSA has reported spending about $5 billion on the modernization of its systems. Specifically, the agency has undertaken hundreds of modernization projects each year from 2001 to 2011, and officials identified 120 such initiatives that t...
Information Technology: FDA Needs to Fully Implement Key Management Practices to Lessen Modernization Risks
GAO-12-346: Published: Mar 15, 2012. Publicly Released: Apr 16, 2012.
While FDA has taken several important steps toward modernizing its IT environment, much remains to be done. FDA reported spending about $400 million for IT investments in fiscal year 2011; however, the agency currently lacks a comprehensive IT inventory that identifies and provides key information about the systems it uses and is developing. Office of Management and Budget (OMB) and GAO guidance c...
HUD Information Technology: More Work Remains to Implement Necessary Management Controls
GAO-12-580T: Published: Mar 29, 2012. Publicly Released: Mar 29, 2012.
HUD has made progress in implementing prior GAO recommendations on modernizing its IT environment; however more actions are needed. In 2009, GAO reported that HUD lacked key IT management controls; which are essential to achieving successful outcomes. Specifically,Although the department had established an IT strategic plan that outlined goals and performance measures, it had not assessed its perf...
IT Supply Chain: Additional Efforts Needed by National Security-Related Agencies to Address Risks
GAO-12-579T: Published: Mar 27, 2012. Publicly Released: Mar 27, 2012.
Reliance on a global supply chain introduces multiple risks to federal information systems and underscores the importance of threat assessments and mitigation. Supply chain threats are present at various phases of a systems development life cycle and could create an unacceptable risk to federal agencies. Key supply chain-related threats includeinstallation of intentionally harmful hardware o...
IT Supply Chain: National Security-Related Agencies Need to Better Address Risks
GAO-12-361: Published: Mar 23, 2012. Publicly Released: Mar 23, 2012.
Reliance on a global supply chain introduces multiple risks to federal information systems. These risks include threats posed by actorssuch as foreign intelligence services or counterfeiterswho may exploit vulnerabilities in the supply chain and thus compromise the confidentiality, integrity, or availability of an end system and the information it contains. This in turn can adversely a...
Data Mining: DHS Needs to Improve Executive Oversight of Systems Supporting Counterterrorism
GAO-11-742: Published: Sep 7, 2011. Publicly Released: Oct 7, 2011.
Data mining--a technique for extracting useful information from large volumes of data--is one type of analysis that the Department of Homeland Security (DHS) uses to help detect and prevent terrorist threats. While data-mining systems offer a number of promising benefits, their use also raises privacy concerns. GAO was asked to (1) assess DHS policies for evaluating the effectiveness and privacy p...
Organizational Transformation: Military Departments Can Improve Their Enterprise Architecture Programs
GAO-11-902: Published: Sep 26, 2011. Publicly Released: Sep 26, 2011.
The Department of Defense (DOD) spends billions of dollars annually to build and maintain information technology (IT) systems intended to support its mission. For decades, DOD has been challenged in modernizing its systems environment to reduce duplication and increase integration. Such modernizations can be guided by an enterprise architecture--a blueprint that describes an organization's current...
Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain
GAO-11-149: Published: Jul 8, 2011. Publicly Released: Aug 8, 2011.
The Department of State (State) has implemented a custom application called iPost and a risk scoring program that is intended to provide continuous monitoring capabilities of information security risk to elements of its information technology (IT) infrastructure. Continuous monitoring can facilitate nearer real-time risk management and represents a significant change in the way information securit...
Department of Defense: Further Actions Needed to Institutionalize Key Business System Modernization Management Controls
GAO-11-684: Published: Jun 29, 2011. Publicly Released: Jun 29, 2011.
For decades, the Department of Defense (DOD) has been challenged in modernizing its timeworn business systems. Since 1995, GAO has designated DOD's business systems modernization program as high risk. Between 2001 and 2005, GAO reported that the modernization program had spent hundreds of millions of dollars on an enterprise architecture and investment management structures that had limited value...
Information Technology: Department of Veterans Affairs Faces Ongoing Management Challenges
GAO-11-663T: Published: May 11, 2011. Publicly Released: May 11, 2011.
The use of information technology (IT) is crucial to helping the Department of Veterans Affairs (VA) effectively serve the nation's veterans, and the department has expended billions of dollars annually over the last several years to manage and secure its information systems and assets. VA has, however, experienced challenges in managing its IT. GAO has previously highlighted VA's weaknesses in ma...