Computer Security:

Weaknesses Continue to Place Critical Federal Operations and Assets at Risk

GAO-01-600T: Published: Apr 5, 2001. Publicly Released: Apr 5, 2001.

Additional Materials:

Contact:

Joel C. Willemssen
(202) 512-6253
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

This testimony discusses GAO's analysis of security audits at federal agencies. The widespread interconnectivity of computers poses significant risks to federal computer systems and the operations and the infrastructures they support. GAO's evaluations show that federal computer systems are riddled with weaknesses that continue to put critical operations and assets at risk. GAO found weaknesses in following six areas: (1) security program management, (2) access controls, (3) software development and change controls, (4) segregation of duties, (5) operating systems controls, and (6) service continuity. Weaknesses in these areas place a broad range of critical operations and assets at risk for fraud, misuse, and disruption. Federal agencies have tried to address these problems, and many have good remedial efforts underway. However, these efforts will not be fully effective and lasting unless they are supported by a strong agencywide security management framework. Establishing such a management framework requires that agencies take a comprehensive approach that involves both (1) senior agency program managers who understand which aspects of their missions are the most critical and sensitive and (2) technical experts who know the agencies' systems and can suggest appropriate technical security control techniques.

Sep 18, 2014

Sep 16, 2014

Sep 8, 2014

Jul 17, 2014

Jun 25, 2014

May 30, 2014

Apr 17, 2014

Apr 2, 2014

Jan 28, 2014

Jan 8, 2014

Looking for more? Browse all our products here