Information Security: Responses to Posthearing Questions

Pursuant to a congressional request, GAO responded to questions concerning its October 1999 testimony on the information security weaknesses at 22 federal agencies, focusing on: (1) whether GAO has taken the necessary steps since its previous testimony to ensure that identified security lapses at three agencies were quickly and permanently closed; (2) how agencies are addressing and responding to the security problems; (3) whether there has been enough time since the issuance of Presidential Decision Directive 63 in May 1998 to work out the details of the National Infrastructure Assurance Plan; (4) whether the threat to the nation's critical infrastructures are serious enough to warrant a full-scale and timely effort to develop and institute an action plan for establishing certain safeguards over them; and (5) whether satisfactory steps have been taken to prevent hackers from penetrating sensitive Department of Defense (DOD) systems.