AOH :: ISNQ7116.HTM

NASA OIG: Annual Report, "Federal Information Security Management Act: Fiscal Year 2010 Report from the Office of Inspector General [I




NASA OIG: Annual Report, "Federal Information Security Management Act: Fiscal Year 2010 Report from the Office of Inspector General
NASA OIG: Annual Report, "Federal Information Security Management Act: Fiscal Year 2010 Report from the Office of Inspector General



http://www.spaceref.com/news/viewsr.html?pid=35306 

Source: NASA Office of Inspector General
Posted Friday, November 12, 2010

Annual Report, "Federal Information Security Management Act: Fiscal Year 
2010 Report from the Office of Inspector General" (IG-11-005, November 
10, 2010) Full report [1]

This annual report, submitted as a memorandum from the Inspector General 
to the NASA Administrator, provides the Office of Management and Budget 
(OMB) with our independent assessment of NASA's information technology 
(IT) security posture. For FY 2010, we adopted a risk-based approach in 
which we selected high- and moderate-impact non-national security Agency 
systems for review. We examined 40 systems that included systems from 
all 10 NASA Centers, NASA Headquarters, and the NASA Shared Services 
Center.

Although our audit work identifies challenges to and weaknesses in 
NASA's information technology (IT) security program, we believe that the 
Agency is steadily working to improve its overall IT security posture.

Our report to OMB cited that NASA established a program for 
certification and accreditation, security configuration management, 
incident response and reporting, security training, Plans of Actions and 
Milestones, remote access, account and identity management, continuous 
monitoring, business continuity/disaster recovery, and overseeing 
systems operated by contractors. However, we found that internal 
controls for these areas needed improvements.

[1] http://oig.nasa.gov/audits/reports/FY11/IG-11-005-summary.pdf 

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/ 

Site design & layout copyright © 1986-2014 CodeGods