GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
What GAO Found No one solution can address the range of potential risks from a data breach, according to interviews with academic, consumer, government, and industry experts and documentation GAO reviewed.
Concerns have been raised about the privacy and security of personal information in light of advances in information technology and the increasingly sophisticated ways in which the government obtains and uses information.
The loss of personally identifiable information can result in substantial harm, embarrassment, and inconvenience to individuals and may lead to identity theft or other fraudulent use of the information.
This publication has been superseded by GAO-08-585G, Financial Audit Manual: Volume 1, July 2008. The U.S. Government Accountability Office (GAO) and the President's Council on Integrity and Efficiency (PCIE) maintain the GAO/PCIE Financial Audit Manual (FAM).
For many years, GAO has reported that weaknesses in information security are a widespread problem with potentially devastating consequences--such as intrusions by malicious users, compromised networks, and the theft of personally identifiable information--and has identified information security as a...
This letter summarizes our review of the Internal Revenue Service's (IRS) implementation of the requirements of the Office of Management and Budget's (OMB) revised Circular No. A-123, Management's Responsibility for Internal Control (A-123) during fiscal year 2006.
A May 2006 data breach at the Department of Veterans Affairs (VA) and other similar incidents since then have heightened awareness of the importance of protecting computer equipment containing personally identifiable information and responding effectively to a breach that poses privacy risks.
For many years, GAO has reported that ineffective information security is a widespread problem that has potentially devastating consequences. In its reports to Congress since 1997, GAO has identified information security as a governmentwide high-risk issue--most recently in January 2005.