This is a publication by GAO's Inspector General that concerns internal GAO operations. A full report on this evaluation was prepared for GAO internal use only. Although not obligated by law to comply, GAO has adopted the requirements of the Federal Information Security Management Act of 2002 (FISMA) to strengthen its information security program and demonstrate its ongoing commitment to lead by example. GAO's Office of Inspector General (OIG) conducted an evaluation to assess (1) the effectiveness of the agency's information security policies, procedures, and practices, and (2) agency compliance with the information security requirements of FISMA and other federal information security policies, procedures, standards, and guidelines.
Skip to Highlights