http://www.metimes.com/Security/2008/12/16/analysis_fisma_not_real_security_measure/aab2/ By SHAUN WATERMAN UPI Homeland and National Security Editor December 16, 2008 WASHINGTON, Dec. 16 (UPI) -- An audit of information security at the Department of Justice says that though the agency got an A-plus rating under federal standards, those measure only processes on paper and that, in reality, no one knows how secure computers in the department -- and, by extension, the rest of the federal government -- are. The audit, by Justice Department Inspector General Glenn A. Fine, also noted that the department "lacks effective methodologies . for maintaining an inventory of devices connected to the department's various (information technology) networks." The Federal Information Security Management Act of 2002 says all federal departments and agencies must conduct yearly assessments to measure their compliance with information security standards in the act. In May the Justice Department's compliance was rated A-plus by the U.S. House Committee on Oversight and Government Reform. [...] _______________________________________________ Help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Tue Dec 16 2008 - 22:15:15 PST
This archive was generated by hypermail 2.2.0 : Tue Dec 16 2008 - 22:20:59 PST