Computer Security Weaknesses at the Department of Justice

T-IMTEC-91-15: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.

Additional Materials:


Office of Public Affairs
(202) 512-4800

GAO discussed computer security weaknesses in the Department of Justice's (DOJ) computer systems that store highly sensitive law enforcement information. GAO noted that DOJ: (1) security weaknesses have life-and-death implications for such individuals as witnesses, informants, and law enforcement officials whose identities could be disclosed because of inadequate controls; (2) did not develop security plans or conduct risk analyses for its computer systems; (3) did not ensure adequate protection for its highly sensitive computer systems, did not exercise adequate system oversight, lacked contingency plans to combat service interruptions, and did not mandate computer security training for employees using the systems; (4) did not properly control access to its main data center, did not position guards to visually survey activities at the center, and lacked recording mechanisms to store and retrieve information about data center activities; and (5) disposed of surplus computer equipment which was later found to contain highly sensitive data. GAO also noted that DOJ acknowledged its need to improve computer security and identified such efforts as: (1) a more proactive leadership role; (2) a major security upgrade of the data center; (3) increased security awareness training; and (4) more aggressive oversight of contingency plan preparation and use.

Jan 8, 2018

Dec 21, 2017

Dec 13, 2017

Nov 6, 2017

Oct 25, 2017

Oct 12, 2017

Sep 26, 2017

Sep 7, 2017

Jul 31, 2017

Jul 26, 2017

Looking for more? Browse all our products here