Computer Security:
Identification of Sensitive Systems Operated on Behalf of Ten Agencies
IMTEC-89-70: Published: Sep 27, 1989. Publicly Released: Sep 27, 1989.
Additional Materials:
- Full Report:
Contact:
Pursuant to a congressional request, GAO provided information on 10 federal agencies' identification of sensitive computer systems operated by contractors, states, and other organizations.
GAO found that: (1) 9 agencies reported in November 1988 a total of 812 sensitive computer systems operated by contractors or other organizations and none operated by states; (2) the Environmental Protection Agency (EPA) reported that it operated all of its sensitive computer systems; (3) the Departments of Agriculture (USDA), Interior, Justice (DOJ), Labor (DOL), and the Treasury sent their components definitions of sensitive computer systems and then consolidated component-supplied information to determine their total numbers of sensitive systems; (4) DOJ, DOL, Treasury, and the Department of Defense (DOD) used computer security plans, inventories, or other documentation to ensure that their reported lists were complete; and (5) in response to a March 1989 request that they revise their lists, which did not appear to include all sensitive systems operated by contractors, states, or other organizations, DOD, Interior, DOL, Treasury, and the Department of Health and Human Services reported a total of 220 additional systems, while other agencies reviewed their original responses and verified their accuracy.
Oct 9, 2020
Aviation Cybersecurity:
FAA Should Fully Implement Key Practices to Strengthen Its Oversight of Avionics RisksGAO-21-86: Published: Oct 9, 2020. Publicly Released: Oct 9, 2020.
Sep 22, 2020
-
Cybersecurity:
Clarity of Leadership Urgently Needed to Fully Implement the National StrategyGAO-20-629: Published: Sep 22, 2020. Publicly Released: Sep 22, 2020.
Sep 21, 2020
-
Information Security and Privacy:
HUD Needs a Major Effort to Protect Data Shared with External EntitiesGAO-20-431: Published: Sep 21, 2020. Publicly Released: Sep 21, 2020.
Sep 17, 2020
-
Critical Infrastructure Protection:
Treasury Needs to Improve Tracking of Financial Sector Cybersecurity Risk Mitigation EffortsGAO-20-631: Published: Sep 17, 2020. Publicly Released: Sep 17, 2020.
Sep 16, 2020
-
Veterans Affairs:
VA Needs to Address Persistent IT Modernization and Cybersecurity ChallengesGAO-20-719T: Published: Sep 16, 2020. Publicly Released: Sep 16, 2020.
Aug 18, 2020
-
Cybersecurity:
DHS and Selected Agencies Need to Address Shortcomings in Implementation of Network Monitoring ProgramGAO-20-598: Published: Aug 18, 2020. Publicly Released: Aug 18, 2020.
May 27, 2020
-
Cybersecurity:
Selected Federal Agencies Need to Coordinate on Requirements and Assessments of StatesGAO-20-123: Published: May 27, 2020. Publicly Released: May 27, 2020.
May 13, 2020
-
Management Report:
Improvements Are Needed to Enhance the Internal Revenue Service's Information System Security ControlsGAO-20-411R: Published: May 13, 2020. Publicly Released: May 13, 2020.
Apr 24, 2020
-
Information Security:
FCC Made Significant Progress, but Needs to Address Remaining Control Deficiencies and Improve Its ProgramGAO-20-265: Published: Mar 25, 2020. Publicly Released: Apr 24, 2020.
Apr 13, 2020
-
Cybersecurity:
DOD Needs to Take Decisive Actions to Improve Cyber HygieneGAO-20-241: Published: Apr 13, 2020. Publicly Released: Apr 13, 2020.
Looking for more? Browse all our products here
Explore our Key Issues on Information Security
Explore our other Key Issues here
