Resources for Federal Information Security Management Act (FISMA)

Government still suffers from information insecurity

www.govexec.com

Federal agencies continue to struggle with information security, according to a new report from the Government Accountability Office. Weak access controls, network device configuration, and management procedures leave systems vulnerable to malicious attacks and data at risk of exposure.

The report (GAO-08-496), which GAO presented to Congress during a hearing Thursday, summarized agency progress in performing key control activities, the effectiveness of information security efforts, and opportunities to strengthen security, based upon prior audits, federal policies, and inspectors general reports.

"Significant weaknesses continue to threaten the confidentiality, integrity, and availability of critical information and information systems used to support the operations, assets and personnel of federal agencies," the report said. In their fiscal 2007 performance and accountability reports, 20 of 24 major agencies indicated that inadequate information security controls were either a significant deficiency or a material weakness. GAO audits returned similar findings for financial and non-financial systems.

View the Resource

Share or bookmarklet this web page at: