Identification and Authentication Policy

Gimble, Thomas F.; Ugone, Mary L.; Pearson, Dianna J.; Truex, Kathryn M.; Cherry, H. G.

Identification and Authentication Policy

Active / Technical Report | Accession Number: ADA373143 |

Open PDF

Abstract:

The overall audit objective was to evaluate the adherence of system users to DoD information systems security policy, during and after year 2000 conversion efforts. Specifically, we were to determine the security procedures used for contractor support of year 2000 efforts, using as criteria the requirements of Administrative Instruction 26, Chapter 11, and Section 5.1.1. We will accomplish the audit objective in two phases. In this phase, we reviewed current DoD Component policies on the use of identification and authentication controls to access information systems. In the second phase, we will review procedures for identification and authentication for year 2000 renovated systems at selected locations.

Author(s):

Gimble, Thomas F. ; Ugone, Mary L. ; Pearson, Dianna J. ; Truex, Kathryn M. ; Cherry, H. G.

Author Organization(s):

INSPECTOR GENERAL DEPT OF DEFENSE ARLINGTON VA

Descriptive Note:

Audit rept.,

Pagination:

0031

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

IG/DOD-D-2000-058

Monitor Series:

IG/DOD

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.5_Direct; JCA_5.5.1_Communicate Intent and Guidance; JCA_5.6_Monitor; JCA_5.4_Decide; JCA_5.4.3_Establish Rule Sets; JCA_5.3_Planning; JCA_6_Net Centric; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_7_Protection; JCA_5.6.4_Assess Guidance; JCA_6.4.1_Secure Information Exchange; JCA_5.6.3_Assess Achievement of Objectives; JCA_6.4.2_Protect Data and Networks; JCA_6.4_Information Assurance; JCA_3_Force Application; JCA_3.2_Engagement; JCA_3.2.2_Non-Kinetic Means; JCA_5.3.2_Apply Situational Understanding; JCA_4.2.1_Manage Supplies and Equipment

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*MANAGEMENT PLANNING AND CONTROL, *ELECTRONIC SECURITY, *AUDITING, DEPARTMENT OF DEFENSE, POLICIES, INFORMATION SYSTEMS, DATA PROCESSING SECURITY, IDENTIFICATION, COMPUTER PROGRAM RELIABILITY, COMPUTER ACCESS CONTROL

Field(s)/Group(s):

Administration and Management, Computer Systems Management and Standards

Keyword(s):

AQ I00 05 1172, AUDIT REPORTS, YEAR 2000, AUTHENTICATION

Report Date:

1999 Dec 20

Creation Date:

2000 Feb 16