Related to previous postings on the recent breach of Veterans’ data that was the focus of press and Congressional scrutiny, from GAO today, this report – Veterans Affairs: Leadership Needed to Address Information Security Weaknesses and Privacy Issues, full-text GAO-06-866T, and Highlights, June 14, 2006. From the report: “For many years, significant concerns have been raised about VA’s information security–particularly its lack of a robust information security program, which is vital to avoiding the compromise of government information, including sensitive personal information. Both GAO and the department’s inspector general have reported recurring weaknesses in such areas as access controls, physical security, and segregation of incompatible duties.”
Related government documents:
Press release: “Vulnerabilities in the Department of Veterans Affairs Information Technology Department (VA IT) were exposed and made worse when cyber security recommendations went unheeded, House Committee on Veterans Affairs Chairman Steve Buyer (R-Ind.) assessed during a Full Committee Oversight hearing. Testimony from past VA inspectors general (IG) and the Government Accountability Office (GAO) highlighted the failure or lack of internal controls which ultimately contributed to the recent security breach of personal and sensitive information belonging to approximately 26.5 million veterans as well as active duty and reserve component servicemembers. This is the second in a series of committee hearings that will be held in connection with VA IT security.”
Hearing on the Repeated Failures of VA’s Information Technology Management, June 14, 2006. Link to prepared witness testimony.
Sorry, comments are closed for this post.