The Department of the Treasury has inconsistently
implemented security controls to protect its information
systems and data, said the General Accounting Office in
a report looking at the effectiveness of the agency’s
information security controls in protecting the
confidentiality, and ensuring the integrity and
availability of the department’s systems and data.
It said longstanding information security weaknesses in
access controls, software changes, segregation of duties,
and service continuity have regularly been identified at
key Treasury bureaus such as IRS and the Financial
Management Service, leaving the information they manage
open to unauthorized access, use, disclosure, disruption,
modification, or destruction.
It also said the bureaus have not consistently implemented
key information security requirements, saying that most
Treasury systems did not meet requirement s for fiscal
year 2003 and that the percentage of those that did
decreased from 2002. Get Report