AOH :: IS1677.HTM

Audit finds holes in security of government systems protecting financial data




Audit finds holes in security of government systems protecting financial data
Audit finds holes in security of government systems protecting financial data



http://gcn.com/articles/2009/02/02/fincen-020209.aspx 

By William Jackson
GCN.com
Feb 02, 2009

The Treasury Department bureau responsible for administering the Bank 
Secrecy Act is not doing enough to protect the sensitive financial data 
that it gathers and shares with other agencies and governments, 
according to an audit of its IT systems and practices.

The Financial Crimes Enforcement Network (FinCEN) has not ignored 
security, but inadequate documentation and implementation of security 
controls have left holes, the Government Accountability Office said in 
the report, "Further Actions Needed to Address Risks to Bank Secrecy Act 
Data."

FinCEN maintains its own IT systems and also uses those of the Treasury 
Communications System and the IRS. GAO found significant weaknesses in 
the ability to ensure the confidentiality, integrity and availability of 
the data in all three of the systems.

"A key reason for many of the weaknesses was that FinCEN and IRS had not 
fully implemented key information security program activities," the 
report said. "For example, FinCEN did not always include detailed 
implementation guidance in its policies and procedures and adequately 
test and evaluate information security controls."

[...]


_______________________________________________      
Best Selling Security Books & More!
http://www.shopinfosecnews.org/ 

Site design & layout copyright © 1986-2014 CodeGods