Skip to main content

Information Security: Veterans Affairs Needs to Resolve Long-Standing Weaknesses

GAO-10-727T Published: May 19, 2010. Publicly Released: May 19, 2010.
Jump To:
Skip to Highlights

Highlights

Since 1997, GAO has identified information security as a governmentwide high-risk issue. This has been particularly true at the Department of Veterans Affairs (VA), where the department has been challenged in protecting the availability, confidentiality, and integrity of its information and systems. Since the 1990s, GAO has highlighted the challenges the department has faced, including the need to safeguard personal information. GAO was asked to testify on VA's progress in implementing information security and the department's compliance with the Federal Information Security Management Act of 2002 (FISMA), a comprehensive framework for securing federal information resources. In preparing this testimony, GAO analyzed prior GAO, Office of Management and Budget, VA Office of Inspector General, and VA reports related to the department's information security program.

Full Report

GAO Contacts

Gregory C. Wilshusen
Director
Information Technology and Cybersecurity

Media Inquiries

Sarah Kaczmarek
Managing Director
Office of Public Affairs

Topics

Computer securityConfidential communicationsCyber securityData integrityData lossEmployeesInformation disclosureInformation securityInformation systemsInformation technologyInternal controlsReporting requirementsRisk factorsRisk managementStandardsSystem vulnerabilitiesComplianceProgram implementation