Forwarded from: William Knowles <wkat_private> http://www.gcn.com/vol1_no1/daily-updates/20398-1.html By Wilson P. Dizard III GCN Staff 11/01/02 The State Department's information system security remains weak a year after the department was told of serious flaws, according to a recent report by the State inspector general's office. The IG reviewed system security in accordance with the Government Information Security Reform Act, which calls for annual reviews. Even though State made a plan for certifying and accrediting its systems, it has no timetable, according to the IG. Department officials had certified and accredited only 4 percent of systems by August, the report said. In addition, even though 72 percent of the department's 358 systems have security classifications, only 15 percent have security plans, it said. Investigators also found problems at overseas posts, where the information system security officers "generally were not performing all the requisite duties," the report said. None of the 11 posts visited by the investigators had information security plans, according to the report, which also criticized poor management, technical and operational controls that increase "the risk to mission operations." The IG's office said it will make recommendations to correct the problems. State officials did not respond to repeated requests for comment on the report. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Nov 04 2002 - 00:50:39 PST