| Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain | |
| United States. Government Accountability Office. | |
| United States. Government Accountability Office. | |
| 关键词: Government accountability -- United States.; information technology; information security; information security; letter report; | |
| RP-ID : GAO-11-149 RP-ID : 320824 |
|
| 美国|英语 | |
| 来源: UNT Digital Library | |
 PDF
|
|
【 摘 要 】
A letter report issued by the Government Accountability Office with an abstract that begins "The Department of State (State) has implemented a custom application called iPost and a risk scoring program that is intended to provide continuous monitoring capabilities of information security risk to elements of its information technology (IT) infrastructure. Continuous monitoring can facilitate nearer real-time risk management and represents a significant change in the way information security activities have been conducted in the past. GAO was asked to determine (1) the extent to which State has identified and prioritized risk to the department in its risk scoring program; (2) how agency officials use iPost information to implement security improvements; (3) the controls for ensuring the timeliness, accuracy, and completeness of iPost information; and (4) the benefits and challenges associated with implementing iPost. To do this, GAO analyzed program documentation and compared it to relevant standards, interviewed and surveyed department officials, and performed analyses on iPost data."
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| 320824.pdf | 1910KB |  download |
878987797
028-85220240
