Confidential communication (1 - 10 of 26 items)
Information Security: Weak Controls Place DC Highway Trust Fund and Other Data at Risk
GAO-01-155: Published: Jan 31, 2001. Publicly Released: Jan 31, 2001.
GAO reviewed information system general controls over the financial systems that process and account for the financial activities of the District of Columbia's Highway Trust Fund. GAO identified serious computer security weaknesses that place District information at risk of deliberate or inadvertent misuse. These general control problems affected the District's ability to (1) prevent or detect una...
Internet Privacy: Comparison of Federal Agency Practices With FTC's Fair Information Principles
GAO-01-113T: Published: Oct 11, 2000. Publicly Released: Oct 11, 2000.
This testimony compares federal agency Internet privacy policies with the Federal Trade Commission's (FTC) fair information principles. The World Wide Web requires the collection of certain data, such as Internet addresses, from individuals who visit web sites. However, the collection of even this most basic data can be controversial because of the public's apprehension about what information is c...
VA Information Systems: Computer Security Weaknesses Persist at the Veterans Health Administration
AIMD-00-232: Published: Sep 8, 2000. Publicly Released: Sep 8, 2000.
Pursuant to a legislative requirement, GAO reviewed information system general controls over financial and sensitive veteran medical information maintained by the Veterans Health Administration (VHA), focusing on: (1) specific computer security weaknesses GAO identified at the New Mexico and North Texas health care systems in conjunction with the audit of the Department of Veterans Affairs (VA) fi...
GGD-00-191: Published: Sep 5, 2000. Publicly Released: Sep 5, 2000.
Pursuant to a congressional request, GAO provided information on whether agencies were adhering to the Office of Management and Budget's (OMB) memorandum requiring federal agencies to post privacy policies on their Internet Websites, focusing on: (1) whether agencies have clearly labelled and easily accessed privacy policies posted on their principal Web sites; (2) whether agencies' privacy polici...
Information Security: Vulnerabilities in DOE's Systems for Unclassified Civilian Research
AIMD-00-140: Published: Jun 9, 2000. Publicly Released: Jun 30, 2000.
Pursuant to a congressional request, GAO reviewed the security of the Department of Energy's (DOE) unclassified information systems that support its civilian research programs, focusing on: (1) whether DOE's unclassified systems for civilian research are vulnerable to unauthorized access; (2) whether DOE is effectively managing information systems security; and (3) what DOE is doing to address the...
Information Security: Comments on Proposed Government Information Act of 1999
T-AIMD-00-107: Published: Mar 2, 2000. Publicly Released: Mar 2, 2000.
Pursuant to a congressional request, GAO discussed S. 1993, the Government Information Security Act of 1999 and its impact on strengthening the information security practices throughout the federal government, focusing on: (1) potential improvements in federal agency performance in addressing computer security issues; (2) the need for better-defined control standards; and (3) centralized leadershi...
Information Security: Fundamental Weaknesses Place EPA Data and Operations at Risk
T-AIMD-00-97: Published: Feb 17, 2000. Publicly Released: Feb 17, 2000.
Pursuant to a congressional request, GAO discussed its recent review of information security at the Environmental Protection Agency (EPA).GAO noted that: (1) GAO's review found serious and pervasive problems that essentially render EPA's agencywide information security program ineffective; (2) current security program planning and management is largely a paper exercise that has done little to subs...
Information Security: Responses to Posthearing Questions
AIMD-00-46R: Published: Nov 30, 1999. Publicly Released: Nov 30, 1999.
Pursuant to a congressional request, GAO responded to questions concerning its October 1999 testimony on the information security weaknesses at 22 federal agencies, focusing on: (1) whether GAO has taken the necessary steps since its previous testimony to ensure that identified security lapses at three agencies were quickly and permanently closed; (2) how agencies are addressing and responding to...
Information Systems: The Status of Computer Security at the Department of Veterans Affairs
AIMD-00-5: Published: Oct 4, 1999. Publicly Released: Oct 4, 1999.
Pursuant to a legislative requirement, GAO reported on the status of computer security throughout the Department of Veterans Affairs (VA).GAO noted that: (1) in September 1998, GAO reported that VA's information system controls placed critical department operations, such as financial management, health care delivery, benefit payments, and other operations, at risk of misuse and disruption; (2) sin...
Information Security: The Proposed Computer Security Enhancement Act of 1999
T-AIMD-99-302: Published: Sep 30, 1999. Publicly Released: Sep 30, 1999.
Pursuant to a congressional request, GAO discussed the proposed Computer Security Enhancement Act of 1999 (H.R. 2413), focusing on: (1) the urgent need to strengthen computer security across the federal government; (2) the current and future privacy concerns with any computer security legislation; (3) GAO's views on the proposed act; and (4) what can be done to further strengthen security program...