Information Security:
Software Change Controls at the National Aeronautics and Space Administration
AIMD-00-196R: Published: Jun 30, 2000. Publicly Released: Jun 30, 2000.
Additional Materials:
- Full Report:
Contact:
(202) 512-6253
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
Pursuant to a congressional request, GAO reviewed the National Aeronautics and Space Administration's (NASA) software change controls, focusing on: (1) whether key controls as described in agency policies and procedures regarding software change authorization, testing, and approval complied with federal guidance; and (2) the extent to which agencies contracted for year 2000 remediation of mission-critical systems and involved foreign nationals in these efforts.
GAO noted that: (1) NASA does not have a formally documented agency-level software change control policy; (2) development and implementation of software change policies and procedures are the responsibility of each component; (3) according to the NASA official, the components used their routine software change control processes for year 2000 remediation; (4) however, GAO was not provided copies of these component policies to make comparisons to federal guidance; (5) instead, the agency official provided GAO with a written explanation of software change practices at NASA components; (6) based on GAO's interview, the agency official was not familiar with contractor practices for software management; (7) this is of potential concern because contractors performed remediation of all 156 mission-critical systems; (8) for example, one contract was with a foreign-owned company that also hired foreign nationals; (9) in addition, source code for two systems was transmitted to contractor facilities, one of which was a foreign-owned facility that received source code for administrative systems; and (10) the NASA official provided no details regarding protective controls over the source code when the code was out of the agency's direct control.
Jul 11, 2018
NASA Commercial Crew Program:
Plan Needed to Ensure Uninterrupted Access to the International Space StationGAO-18-476: Published: Jul 11, 2018. Publicly Released: Jul 11, 2018.
Jun 14, 2018
-
NASA Major Projects:
Portfolio Is at Risk for Continued Cost Growth and Schedule DelaysGAO-18-576T: Published: Jun 14, 2018. Publicly Released: Jun 14, 2018.
May 1, 2018
-
NASA:
Assessments of Major ProjectsGAO-18-280SP: Published: May 1, 2018. Publicly Released: May 1, 2018.
Apr 9, 2018
-
NASA Contractor Whistleblowers:
Steps Taken to Implement Program but Improvements to Timeliness and Guidance NeededGAO-18-262: Published: Mar 8, 2018. Publicly Released: Apr 9, 2018.
Feb 28, 2018
-
James Webb Space Telescope:
Integration and Test Challenges Have Delayed Launch and Threaten to Push Costs Over CapGAO-18-273: Published: Feb 28, 2018. Publicly Released: Feb 28, 2018.
Jan 17, 2018
-
NASA Commercial Crew Program:
Continued Delays Pose Risks for Uninterrupted Access to the International Space StationGAO-18-317T: Published: Jan 17, 2018. Publicly Released: Jan 17, 2018.
Dec 12, 2017
-
Global Positioning System:
Better Planning and Coordination Needed to Improve Prospects for Fielding Modernized CapabilityGAO-18-74: Published: Dec 12, 2017. Publicly Released: Dec 12, 2017.
Dec 6, 2017
-
NASA:
Preliminary Observations on the Management of Space TelescopesGAO-18-277T: Published: Dec 6, 2017. Publicly Released: Dec 6, 2017.
Oct 19, 2017
-
NASA Human Space Exploration:
Integration Approach Presents Challenges to Oversight and IndependenceGAO-18-28: Published: Oct 19, 2017. Publicly Released: Oct 19, 2017.
Oct 4, 2017
-
Space Exploration:
Improved Planning and Communication Needed for Plutonium-238 and Radioisotope Power Systems ProductionGAO-18-161T: Published: Oct 4, 2017. Publicly Released: Oct 4, 2017.
Looking for more? Browse all our products here
Explore our Key Issues on Space
Explore our other Key Issues here
