Information Security: Weaknesses Continue Amid New Federal Efforts To Imple...

Description: Please refer to the section BELOW (and NOT ABOVE) this line for the product details - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Title:Information Security: Weaknesses Continue Amid New Federal Efforts To Implement RequirementsISBN13:9781479121885ISBN10:1479121886Author:Government, U. S. (Contribution by), Office, U. S. Government Accountability (Author)Description:(This is a RePrint) - For Many Years, Gao Has Reported That Weaknesses In Information Security Can Lead To Serious Consequences--Such As Intrusions By Malicious Individuals, Compromised Networks, And The Theft Of Sensitive Information Including Personally Identifiable Information--And Has Identified Information Security As A Government Wide High-Risk Area The Federal Information Security Management Act Of 2002 (Fisma) Established Information Security Program, Evaluation, And Annual Reporting Requirements For Federal Agencies The Act Requires The Office Of Management And Budget (Omb) To Oversee And Report To Congress On Agency Information Security Policies And Practices, Including Agencies' Compliance With Fisma Fisma Also Requires That Gao Periodically Report To Congress On (1) The Adequacy And Effectiveness Of Agencies' Information Security Policies And Practices And (2) Agencies' Implementation Of Fisma Requirements To Do This, Gao Analyzed Information Security-Related Reports And Data From 24 Major Federal Agencies, Their Inspectors General, Omb, And Gao Weaknesses In Information Security Policies And Practices At 24 Major Federal Agencies Continue To Place The Confidentiality, Integrity, And Availability Of Sensitive Information And Information Systems At Risk Consistent With This Risk, Reports Of Security Incidents From Federal Agencies Are On The Rise, Increasing Over 650 Percent Over The Past 5 Years Each Of The 24 Agencies Reviewed Had Weaknesses In Information Security Controls An Underlying Reason For These Weaknesses Is That Agencies Have Not Fully Implemented Their Information Security Programs As A Result, They Have Limited Assurance That Controls Are In Place And Operating As Intended To Protect Their Information Resources, Thereby Leaving Them Vulnerable To Attack Or Compromise In Reports For Fiscal Years 2010 And 2011, Gao And Agency Inspectors General Have Made Hundreds Of Recommendations To Agencies For Actions Necessary To Resolve Control Deficiencies And Information Security Program Shortfalls Agencies Generally Agreed With Most Of Gao's Recommendations And Indicated That They Would Implement Them Omb, Agencies, And The National Institute Of Standards And Technology Took Actions Intended To Improve The Implementation Of Security Requirements, But More Work Is Necessary Beginning In Fiscal Year 2009, Omb Provided Agencies With A New Online Tool To Report Their Information Security Postures And, In Fiscal Year 2010, Instituted The Use Of New And Revised Metrics Nevertheless, Omb's Guidance For Those Metrics Did Not Always Provide Performance Targets For Measuring Improvement In Addition, Weaknesses Were Identified In The Processes Agencies Used To Implement Requirements Specifically, Agencies Did Not Always Ensure (1) Personnel With Significant Responsibilities Received Training; (2) Security Controls Were Monitored Continuously; (3) Weaknesses Were Remediated Effectively; And (4) Incidents Were Resolved In A Timely Manner, Among Other Areas Until Hundreds Of Recommendations Are Implemented And Program Weaknesses Are Corrected, Agencies Will Continue To Face Challenges In Securing Their Information And Information Systems Gao Is Recommending That The Director Of Omb Provide Performance Targets For Metrics Included In Omb's Annual Fisma Reporting Instructions To Agencies And Inspectors General Omb Stated It Was More Appropriate For Those Targets To Be Included In The Performance Metrics That Are Now Issued Separately By The Department Of Homeland Security Gao Agrees That This Meets The Intent Of Its Recommendation Binding:Paperback, PaperbackPublisher:Createspace Independent Publishing PlatformPublication Date:2012-08-13Weight:0.31 lbsDimensions:0.1'' H x 11.02'' L x 8.5'' WNumber of Pages:50Language:English

Price: 17.25 USD

Location: USA

End Time: 2024-11-22T09:40:55.000Z

Shipping Cost: 0 USD