http://www.spaceref.com/news/viewsr.html?pid=35306 Source: NASA Office of Inspector General Posted Friday, November 12, 2010 Annual Report, "Federal Information Security Management Act: Fiscal Year 2010 Report from the Office of Inspector General" (IG-11-005, November 10, 2010) Full report [1] This annual report, submitted as a memorandum from the Inspector General to the NASA Administrator, provides the Office of Management and Budget (OMB) with our independent assessment of NASA's information technology (IT) security posture. For FY 2010, we adopted a risk-based approach in which we selected high- and moderate-impact non-national security Agency systems for review. We examined 40 systems that included systems from all 10 NASA Centers, NASA Headquarters, and the NASA Shared Services Center. Although our audit work identifies challenges to and weaknesses in NASA's information technology (IT) security program, we believe that the Agency is steadily working to improve its overall IT security posture. Our report to OMB cited that NASA established a program for certification and accreditation, security configuration management, incident response and reporting, security training, Plans of Actions and Milestones, remote access, account and identity management, continuous monitoring, business continuity/disaster recovery, and overseeing systems operated by contractors. However, we found that internal controls for these areas needed improvements. [1] http://oig.nasa.gov/audits/reports/FY11/IG-11-005-summary.pdf [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Sun Nov 14 2010 - 22:15:54 PST
This archive was generated by hypermail 2.2.0 : Sun Nov 14 2010 - 22:22:56 PST