Accession Number:

AD1163973

Title:

Federal Information Security: Mixed Progress in Implementing Program Components; Improved Metrics Needed to Measure Effectiveness

Descriptive Note:

[Technical Report, Congressional Report]

Corporate Author:

GOVERNMENT ACCOUNTABILITY OFFICE WASHINGTON DC

Personal Author(s):

• Wilshusen, Gregory C.

Report Date:

2013-09-01

Pagination or Media Count:

61

Abstract:

FISMA requires the Comptroller General to periodically report to Congress on agency implementation of the acts provisions. To this end, this report summarizes GAOs evaluation of the extent to which agencies have implemented the requirements of FISMA, including the adequacy and effectiveness of agency information security policies and practices. To do this, GAO analyzed its previous information security reports, annual FISMA reports and other reports from the 24 major federal agencies, reports from inspectors general, and OMBs annual reports to Congress on FISMA implementation. GAO also interviewed agency officials at OMB, DHS, NIST, and 6 agencies selected using the total number of systems the agencies reported in fiscal year 2011.

Descriptors:

• cybersecurity
• business administration
• computer networks
• cyberattacks
• information systems
• security personnel
• computer security techniques
• personnel management
• test and evaluation
• united states government
• congress
• cyber threats
• electronic mail
• law
• national security
• social media
• computer network security

Subject Categories:

• Computer Systems Management and Standards
• Computer Programming and Software

Distribution Statement:

[A, Approved For Public Release]