Computer Security Weaknesses at the Department of Justice

T-IMTEC-91-15: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.

Additional Materials:


Office of Public Affairs
(202) 512-4800

GAO discussed computer security weaknesses in the Department of Justice's (DOJ) computer systems that store highly sensitive law enforcement information. GAO noted that DOJ: (1) security weaknesses have life-and-death implications for such individuals as witnesses, informants, and law enforcement officials whose identities could be disclosed because of inadequate controls; (2) did not develop security plans or conduct risk analyses for its computer systems; (3) did not ensure adequate protection for its highly sensitive computer systems, did not exercise adequate system oversight, lacked contingency plans to combat service interruptions, and did not mandate computer security training for employees using the systems; (4) did not properly control access to its main data center, did not position guards to visually survey activities at the center, and lacked recording mechanisms to store and retrieve information about data center activities; and (5) disposed of surplus computer equipment which was later found to contain highly sensitive data. GAO also noted that DOJ acknowledged its need to improve computer security and identified such efforts as: (1) a more proactive leadership role; (2) a major security upgrade of the data center; (3) increased security awareness training; and (4) more aggressive oversight of contingency plan preparation and use.

Jul 18, 2018

Jul 16, 2018

Jun 27, 2018

May 31, 2018

May 17, 2018

Apr 18, 2018

Apr 12, 2018

Mar 20, 2018

Mar 13, 2018

Mar 12, 2018

Looking for more? Browse all our products here