Information Systems:

Agencies Overlook Security Controls During Development

IMTEC-88-11S: Published: May 31, 1988. Publicly Released: May 31, 1988.

Additional Materials:

Contact:

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

GAO provided a supplement to its report on agencies' development of automated systems. GAO provided information regarding the model it used in determining that federal agencies it reviewed did not meet federal criteria or practice sound system development methods for successfully incorporating appropriate security controls during their development of automated information systems.

GAO discussed the model's: (1) construction, which it based on federal guidance and standards and generally accepted practices of software engineering; and (2) sub-activities, including the initiation, definition, design, construction, integration, installation, and test phases. GAO also discussed the potential effects of agencies not performing security activities during each of the model's systems development phases.

Sep 17, 2018

Sep 7, 2018

Sep 6, 2018

Jul 31, 2018

Jul 25, 2018

Jul 12, 2018

Jun 14, 2018

May 14, 2018

Apr 24, 2018

Mar 7, 2018

Looking for more? Browse all our products here