[ISN] Auditors: Coast Guard, FEMA weak on controls

From: InfoSec News <alerts_at_private>
Date: Wed, 29 Apr 2009 01:43:37 -0500 (CDT)
http://fcw.com/articles/2009/04/28/coast-guard-and-fema-weak-on-it-controls-say-auditors.aspx

By Alice Lipowicz
FCW.com
April 28, 2009

The Coast Guard made more progress than the Federal Emergency Management 
Agency in securing information technology systems in fiscal 2008, 
according to two new audits [1] released by Homeland Security Department 
Inspector General Richard Skinner.

The DHS agencies have material weakness in IT controls overall, although 
they are experiencing fewer deficiencies than in the previous year, 
according to audits conducted by KPMG and released by Skinner April 27.

Auditors found 22 weaknesses in IT controls at the Coast Guard in fiscal 
2008 — 21 repeat findings and one new finding. However, the service has 
made progress since fiscal 2007, when auditors found 42 IT-related 
control deficiencies, of which 40 were repeat problems.

In the new audit, the company found problems with application software 
development and change controls, access controls, service continuity and 
entitywide security planning and management. 

[1] http://www.dhs.gov/xoig/rpts/mgmt/editorial_0334.shtm

[...]


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Tue Apr 28 2009 - 23:43:37 PDT

This archive was generated by hypermail 2.2.0 : Tue Apr 28 2009 - 23:56:42 PDT