Computer Security Weaknesses at the Department of Justice

T-IMTEC-91-15: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.

Additional Materials:


Office of Public Affairs
(202) 512-4800

GAO discussed computer security weaknesses in the Department of Justice's (DOJ) computer systems that store highly sensitive law enforcement information. GAO noted that DOJ: (1) security weaknesses have life-and-death implications for such individuals as witnesses, informants, and law enforcement officials whose identities could be disclosed because of inadequate controls; (2) did not develop security plans or conduct risk analyses for its computer systems; (3) did not ensure adequate protection for its highly sensitive computer systems, did not exercise adequate system oversight, lacked contingency plans to combat service interruptions, and did not mandate computer security training for employees using the systems; (4) did not properly control access to its main data center, did not position guards to visually survey activities at the center, and lacked recording mechanisms to store and retrieve information about data center activities; and (5) disposed of surplus computer equipment which was later found to contain highly sensitive data. GAO also noted that DOJ acknowledged its need to improve computer security and identified such efforts as: (1) a more proactive leadership role; (2) a major security upgrade of the data center; (3) increased security awareness training; and (4) more aggressive oversight of contingency plan preparation and use.

Nov 25, 2015

Nov 12, 2015

Nov 10, 2015

Nov 4, 2015

Oct 21, 2015

Sep 23, 2015

Sep 15, 2015

Jun 29, 2015

Jun 19, 2015

May 28, 2015

Looking for more? Browse all our products here