Home / Civilian / GAO Report: State’s Info Security Program Limited

GAO Report: State’s Info Security Program Limited

Photo: Python.org

The State Department has developed a system for identifying and prioritizing information security risks but it does not paint a complete picture, a Government Accountability Office report said.

The department developed iPost, a program providing continuous monitoring capabilities of information security risk. The department also developed a scoring system for iPost.

GAO said the State Department, by developing iPost, has been at the forefront of federal efforts in developing and implementing a continuous monitoring capability.

However, the iPost scoring system does not cover all areas affecting information security risk. GAO found iPost addresses Windows hosts but not other IT assets on State’s unclassified network, does not score all information security components and did not demonstrate the extent to which scores are based on risk factors.

GAO recommended the State Department improve iPost by documenting existing controls to ensure the timeliness, accuracy and completeness of iPost data. GAO also recommended the department’s chief information officer consistently notify senior managers of the need for corrective actions.

Click here to read the full report.

Check Also

GAO: Air Force to Deploy New Combat Rescue Helicopters to Active Component by FY 2020

The Government Accountability Office has found that the U.S. Air Force intends to start fielding in fiscal 2020 new Combat Rescue Helicopters to replace aging HH-60G Pave Hawk helicopters that have recorded the most flight time when it comes to staff recovery missions. GAO said in a report published Thursday the service will initially deploy the new helicopters to the active component six years ahead of the reserve component and to the Air National Guard by 2027.

Leave a Reply

Your email address will not be published. Required fields are marked *