Resources for Federal Information Security Management Act (FISMA)

Report: VA's IT security still needs work

www.computerworld.com

The U.S. Department of Veterans Affairs has made some progress since a May 2006 data breach, but it has not completed 20 of 22 recommendations from an internal auditor, according to a report released Wednesday.

As of May, the VA had not yet addressed several "critical success factors" for transforming its IT management, the U.S. Government Accountability Office said in its report. The VA had only completed two of 22 recommendations from its inspector general following the breach, in which a laptop and hard drive containing personal records of 26.5 million veterans and family members were stolen from a VA employee's home.

The VA also needs to improve its IT asset control, the GAO said, referencing a July report showing about 2,400 missing IT devices at four VA locations in 2005 and 2006. While the VA has "many significant initiatives under way," problems persist, even in the programs meant to fix past problems, the GAO report said.

View the Resource

Share or bookmarklet this web page at: