By SHAUN WATERMAN
UPI Homeland and National Security Editor
December 16, 2008
WASHINGTON, Dec. 16 (UPI) -- An audit of information security at the
Department of Justice says that though the agency got an A-plus rating
under federal standards, those measure only processes on paper and that,
in reality, no one knows how secure computers in the department -- and,
by extension, the rest of the federal government -- are.
The audit, by Justice Department Inspector General Glenn A. Fine, also
noted that the department "lacks effective methodologies . for
maintaining an inventory of devices connected to the department's
various (information technology) networks."
The Federal Information Security Management Act of 2002 says all federal
departments and agencies must conduct yearly assessments to measure
their compliance with information security standards in the act.
In May the Justice Department's compliance was rated A-plus by the U.S.
House Committee on Oversight and Government Reform.
Help InfoSecNews.org with a donation!