GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
Misclassification of national security information impedes effective information sharing, can provide adversaries with information to harm the United States and its allies, and incurs millions of dollars in avoidable administrative costs.
Department of Defense (DOD) contractors perform numerous services that require access to classified information. With access comes the possibility of compromise, particularly as foreign entities increasingly seek U.S. military technologies.
GAO tested selected general and application controls of the Corps of Engineers Financial Management System (CEFMS). The Corps relies on CEFMS to perform key financial management functions supporting the Corps' military and civil works missions.
This report reviews efforts by the Office of Management and Budget (OMB), 24 of the largest federal agencies, and the agencies' inspectors general to implement requirements set forth as part of the National Defense Authorization Act for Fiscal Year 2001.
Pursuant to a congressional request, GAO reviewed software change controls at the Department of Defense (DOD), focusing on: (1) whether key controls as described in agency policies and procedures regarding software change authorization, testing, and approval complied with federal guidance; and (2) the...
Pursuant to a congressional request, GAO provided information on fiscal years 1998 through 2000 appropriations and obligations for four major computer security initiatives, including: (1) the Federal Bureau of Investigation's National Infrastructure Protection Center (NIPC); (2) the Department of Defense's...
GAO updated its previous report on the security of the Department of Defense's (DOD) information systems, focusing on DOD's efforts to: (1) address specific weaknesses identified in GAO's 1996 reports; and (2) develop a comprehensive departmentwide information security program.