The Department of the Treasury has inconsistently

implemented security controls to protect its information

systems and data, said the General Accounting Office in

a report looking at the effectiveness of the agency’s

information security controls in protecting the

confidentiality, and ensuring the integrity and

availability of the department’s systems and data.

It said longstanding information security weaknesses in

access controls, software changes, segregation of duties,

and service continuity have regularly been identified at

key Treasury bureaus such as IRS and the Financial

Management Service, leaving the information they manage

open to unauthorized access, use, disclosure, disruption,

modification, or destruction.

It also said the bureaus have not consistently implemented

key information security requirements, saying that most

Treasury systems did not meet requirement s for fiscal

year 2003 and that the percentage of those that did

decreased from 2002. Get Report