Serious Questions Remain About Justice's Management of ADP and Computer Security

T-IMTEC-91-17: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.

Additional Materials:


Office of Public Affairs
(202) 512-4800

GAO discussed the Department of Justice's (DOJ) management of its automatic data processing (ADP) resources and its computer security. GAO noted that: (1) the actions DOJ took to address ADP management shortcomings have mainly been organizational and structural and may be insufficient to solve the pervasive problems in DOJ information resources management (IRM); (2) DOJ lacks a system that can accurately provide the total number of cases in litigation or the total number of litigation staff; (3) DOJ lacks a comprehensive IRM plan and a senior IRM official with clear authority to implement IRM decisions; and (4) DOJ acknowledged that it did not have sufficient staff with adequate technical and managerial capabilities to conduct ADP acquisitions and provide oversight. GAO also noted that: (1) DOJ did not ensure adequate protection of its computer systems containing highly sensitive data; (2) DOJ did not control access to its main data center or position guards to adequately protect and survey the facility; (3) DOJ disposed of excess computer equipment which was later discovered to contain highly sensitive data; (4) to improve computer system security, DOJ established a more active leadership role for security staff, planned a major security upgrade of its data center, and increased security awareness training; and (5) DOJ did not develop security plans or conduct risk analyses for its planned Enhanced Automation for the Government Legal Environment network of computer systems, intended to hold highly sensitive law enforcement information.

Sep 17, 2018

Sep 7, 2018

Sep 6, 2018

Jul 31, 2018

Jul 25, 2018

Jul 12, 2018

Jun 14, 2018

May 14, 2018

Apr 24, 2018

Mar 7, 2018

Looking for more? Browse all our products here