Federal Information Security:

Actions Needed to Address Widespread Weaknesses

T-AIMD-00-135: Published: Mar 29, 2000. Publicly Released: Mar 29, 2000.

Additional Materials:


Jack L. Brock, Jr
(202) 512-4841


Office of Public Affairs
(202) 512-4800

Pursuant to a congressional request, GAO discussed federal information security, focusing on actions federal agencies can take immediately to strengthen their security programs as well as other actions required to make more fundamental and long-term improvements.

GAO noted that: (1) federal agencies can act immediately to address federal information security weaknesses and reduce the related risks; (2) specifically, they can: (a) increase awareness; (b) ensure that existing controls are operating effectively; (c) ensure that software patches are up-to-date; (d) use automated scanning and testing tools to quickly identify problems; (e) propagate their best practices; and (f) ensure that their most common vulnerabilities are addressed; (3) none of these actions alone will ensure good security; (4) however, they take advantage of readily available information and tools and, thus, do not involve significant new resources; and (5) as a result, they are steps that can be made without delay.

Nov 17, 2015

Oct 21, 2015

Sep 29, 2015

Sep 24, 2015

Jul 8, 2015

Jul 2, 2015

Jun 24, 2015

Jun 2, 2015

Apr 22, 2015

Looking for more? Browse all our products here