Home / Cybersecurity / GAO Cites Gaps in NASA’s IT Mgmt Practices for Cybersecurity, Workforce Planning

GAO Cites Gaps in NASA’s IT Mgmt Practices for Cybersecurity, Workforce Planning

The Government Accountability Office has found deficiencies in NASA’s implementation of information technology management practices.

GAO said in a report published Tuesday those deficiencies were observed in the space agency’s practices for cybersecurity, governance, workforce and strategic planning.

NASA falls short of implementing an effective cybersecurity risk management process that includes the establishment of a data security program plan; cyber risk management strategy; executive oversight of risks; and related policies to safeguard information systems, according to the report.

“Until NASA leadership fully addresses these leading practices, its ability to ensure effective management of IT across the agency and manage cybersecurity risks will remain limited,” GAO wrote.

The congressional watchdog found that NASA does not evaluate staffing and competency requirements and has failed to document processes related to IT strategic planning in agreement to leading practices.

Check Also

GAO Reports on IRS Information Security

The Government Accountability Office has reviewed the Internal Revenue Service's data security and discovered 14 new vulnerabilities. GAO said Thursday that it evaluated IRS' information security controls in fiscal year 2018 and recommends the revenue agency to bolster protection of financial and taxpayer information.

Leave a Reply

Your email address will not be published. Required fields are marked *