Federal Information Security Agencies Need To Correct Weaknesses And Fully Implement Security Programs
Author | : U.S. Government Accountability Office |
Publisher | : Createspace Independent Publishing Platform |
Total Pages | : 72 |
Release | : 2017-07-28 |
Genre | : |
ISBN | : 9781973961772 |
"Since 1997, GAO has designated federal information security as a government-wide high risk area, and in 2003 expanded this area to include computerized systems supporting the nation's critical infrastructure. In February 2015, in its high risk update, GAO further expanded this area to include protecting the privacy of personal information that is collected, maintained, and shared by both federal and nonfederal entities. FISMA required federal agencies to develop, document, and implement an agency-wide information security program. The act also assigned OMB with overseeing agencies' implementation of security requirements. FISMA also included a provision for GAO to periodically report to Congress on (1) the adequacy and effectiveness of agencies' information security policies and practices and (2) agencies' implementation of FISMA requirements. GAO analyzed information security-related reports and data from 24 federal agencies, their inspectors general, and OMB; reviewed prior GAO work; examined documents from OMB and DHS; and spoke to agency officials."
Author | : United States. Government Accountability Office |
Publisher | : |
Total Pages | : 64 |
Release | : 2015 |
Genre | : Administrative agencies |
ISBN | : |
"Since 1997, GAO has designated federal information security as a government-wide high risk area, and in 2003 expanded this area to include computerized systems supporting the nation's critical infrastructure. In February 2015, in its high risk update, GAO further expanded this area to include protecting the privacy of personal information that is collected, maintained, and shared by both federal and nonfederal entities. FISMA required federal agencies to develop, document, and implement an agency-wide information security program. The act also assigned OMB with overseeing agencies' implementation of security requirements. FISMA also included a provision for GAO to periodically report to Congress on (1) the adequacy and effectiveness of agencies' information security policies and practices and (2) agencies' implementation of FISMA requirements. GAO analyzed information security-related reports and data from 24 federal agencies, their inspectors general, and OMB; reviewed prior GAO work; examined documents from OMB and DHS; and spoke to agency officials"--Publisher's web site.
Author | : U.S. Government Accountability Office (GAO) |
Publisher | : |
Total Pages | : 72 |
Release | : 2019-06-20 |
Genre | : |
ISBN | : 9781073847570 |
FEDERAL INFORMATION SECURITY: Agencies Need to Correct Weaknesses and Fully Implement Security Programs
Author | : Gregory C. Wilshusen |
Publisher | : |
Total Pages | : 71 |
Release | : 2015-11-02 |
Genre | : |
ISBN | : 9781457870682 |
Author | : Gregory C. Wilshusen |
Publisher | : DIANE Publishing |
Total Pages | : 66 |
Release | : 2009-11 |
Genre | : Computers |
ISBN | : 1437919383 |
Weaknesses in information security (IS) are a widespread problem that can have serious consequences -- such as intrusions by malicious users, compromised networks, and the theft of intellectual property and personally identifiable information -- and GAO has identified IS as a governmentwide high-risk issue since 1997. Concerned by reports of significant vulnerabilities in federal computer systems, Congress passed the Federal Information Security Management Act of 2002 (FISMA), which authorized and strengthened IS program, evaluation, and reporting requirements for federal agencies. This report evaluates: (1) the adequacy and effectiveness of agencies' IS policies and practices; and (2) federal agencies' implementation of FISMA requirements. Includes recommendations. Illustrations.
Author | : U.S. Government Accountability Office |
Publisher | : Createspace Independent Pub |
Total Pages | : 50 |
Release | : 2012-08-13 |
Genre | : Political Science |
ISBN | : 9781479121885 |
For many years, GAO has reported that weaknesses in information security can lead to serious consequences--such as intrusions by malicious individuals, compromised networks, and the theft of sensitive information including personally identifiable information--and has identified information security as a government-wide high-risk area. The Federal Information Security Management Act of 2002 (FISMA) established information security program, evaluation, and annual reporting requirements for federal agencies. The act requires the Office of Management and Budget (OMB) to oversee and report to Congress on agency information security policies and practices, including agencies' compliance with FISMA. FISMA also requires that GAO periodically report to Congress on (1) the adequacy and effectiveness of agencies' information security policies and practices and (2) agencies' implementation of FISMA requirements. To do this, GAO analyzed information security-related reports and data from 24 major federal agencies, their inspectors general, OMB, and GAO. Weaknesses in information security policies and practices at 24 major federal agencies continue to place the confidentiality, integrity, and availability of sensitive information and information systems at risk. Consistent with this risk, reports of security incidents from federal agencies are on the rise, increasing over 650 percent over the past 5 years. Each of the 24 agencies reviewed had weaknesses in information security controls. An underlying reason for these weaknesses is that agencies have not fully implemented their information security programs. As a result, they have limited assurance that controls are in place and operating as intended to protect their information resources, thereby leaving them vulnerable to attack or compromise.
In reports for fiscal years 2010 and 2011, GAO and agency inspectors general have made hundreds of recommendations to agencies for actions necessary to resolve control deficiencies and information security program shortfalls. Agencies generally agreed with most of GAO's recommendations and indicated that they would implement them. OMB, agencies, and the National Institute of Standards and Technology took actions intended to improve the implementation of security requirements, but more work is necessary. Beginning in fiscal year 2009, OMB provided agencies with a new online tool to report their information security postures and, in fiscal year 2010, instituted the use of new and revised metrics. Nevertheless, OMB's guidance for those metrics did not always provide performance targets for measuring improvement. In addition, weaknesses were identified in the processes agencies used to implement requirements. Specifically, agencies did not always ensure (1) personnel with significant responsibilities received training; (2) security controls were monitored continuously; (3) weaknesses were remediated effectively; and (4) incidents were resolved in a timely manner, among other areas. Until hundreds of recommendations are implemented and program weaknesses are corrected, agencies will continue to face challenges in securing their information and information systems. GAO is recommending that the Director of OMB provide performance targets for metrics included in OMB's annual FISMA reporting instructions to agencies and inspectors general. OMB stated it was more appropriate for those targets to be included in the performance metrics that are now issued separately by the Department of Homeland Security. GAO agrees that this meets the intent of its recommendation.
Author | : Gregory C. Wilshusen |
Publisher | : DIANE Publishing |
Total Pages | : 7 |
Release | : 2010-08 |
Genre | : Computers |
ISBN | : 1437918638 |
Addresses additional questions arising from the May 19, 2009, hearing on federal information security held by the Subcommittee on Government Management, Organization, and Procurement. In that hearing, there was a discussion on the current state of information security throughout the federal government and agency efforts to comply with the requirements of the Federal Information Security Management Act of 2002 (FISMA). Congress had the following two questions: (1) Comment on the need for improved cyber security relating to S.773, the proposed Cybersecurity Act of 2009; and (2) Provide recommendations to improve the Federal Information Security Management Act. This report provides the responses.
Author | : Gregory C. Wilshusen |
Publisher | : DIANE Publishing |
Total Pages | : 16 |
Release | : 2009-12 |
Genre | : |
ISBN | : 1437917631 |
Without proper safeguards, federal agencies' computer systems are vulnerable to intrusions by individuals and groups who have malicious intentions and can obtain sensitive information, commit fraud, disrupt operations, or launch attacks against other computer systems and networks. Concerned by reports of significant weaknesses in federal systems, Congress passed the Federal Information Security Management Act (FISMA), which permanently authorized and strengthened information security program, evaluation, and annual reporting requirements for federal agencies. This is testimony on a draft report on: (1) the adequacy and effectiveness of federal agencies' information security policies and practices; and (2) their implementation of FISMA requirements.
Author | : United States Government Accountability Office |
Publisher | : DIANE Publishing |
Total Pages | : 54 |
Release | : 2005 |
Genre | : Administrative agencies |
ISBN | : 1428931287 |