Source: NASA Office of Inspector General
Posted Friday, November 12, 2010
Annual Report, "Federal Information Security Management Act: Fiscal Year
2010 Report from the Office of Inspector General" (IG-11-005, November
10, 2010) Full report 
This annual report, submitted as a memorandum from the Inspector General
to the NASA Administrator, provides the Office of Management and Budget
(OMB) with our independent assessment of NASA's information technology
(IT) security posture. For FY 2010, we adopted a risk-based approach in
which we selected high- and moderate-impact non-national security Agency
systems for review. We examined 40 systems that included systems from
all 10 NASA Centers, NASA Headquarters, and the NASA Shared Services
Although our audit work identifies challenges to and weaknesses in
NASA's information technology (IT) security program, we believe that the
Agency is steadily working to improve its overall IT security posture.
Our report to OMB cited that NASA established a program for
certification and accreditation, security configuration management,
incident response and reporting, security training, Plans of Actions and
Milestones, remote access, account and identity management, continuous
monitoring, business continuity/disaster recovery, and overseeing
systems operated by contractors. However, we found that internal
controls for these areas needed improvements.
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.