GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
“Cyber hygiene” is a set of practices for managing the most common and pervasive cybersecurity risks. The Department of Defense’s cyber hygiene is critical as threats to its information and networks increase.
DOD has had 3 cyber hygiene initiatives underway.
The Federal Information Security Management Act of 2002 reauthorizes and expands the information security, evaluation, and reporting requirements enacted in the National Defense Authorization Act for Fiscal Year 2001.
This report reviews efforts by the Office of Management and Budget (OMB), 24 of the largest federal agencies, and the agencies' inspectors general to implement requirements set forth as part of the National Defense Authorization Act for Fiscal Year 2001.
Provisions in the National Defense Authorization Act for Fiscal Year 2001 seek to minimize pervasive information security weaknesses that place federal operations at significant risk of disruption, tampering, fraud, and inappropriate disclosure of sensitive information.