BankInfoSecurity.com - Banking Information Security News, Regulations, & Education  

Username:
Password:
Anti-Money Laundering
Business Continuity & Disaster Recovery
Leadership Management
Physical Security
Training & Education
Webinar Calendar
Vendor Directory
Products
Events
 

GAO

< Back

 Institutions Face Bewildering Web of Breach Notification Statutes: GAO Report

The latest disclosure of a data breach involving financial information points up the need for a comprehensive response program, including complying with federal and state notification laws. Fidelity National Information Services revealed in July that a former employee of its Certegy check processing unit stole consumer information and sold it to a data broker, who in turn sold it to several direct marketing organizations. The incident didn’t involve any intrusion into Certegy’s information systems.

> Read entire article (log in required - registration is free) TOP


 Government Information Security Reform

In addition, GAO is committed to fulfilling the objectives of the Federal Financial Management Improvement Act of 1996. Although not subject to FFMIA, GAO voluntarily complies with its requirements. We believe that we have implemented and maintained financial systems that comply substantially with federal financial management systems requirements, applicable federal accounting standards, and the United States Government Standard General Ledger at the transaction level as of September 30, 2001, and for the fiscal year then ended. GAO made this assessment based on criteria established under FFMIA and guidance issued by OMB. Also, GAO’s auditor reported that GAO had substantially complied with the applicable requirements of FFMIA for the fiscal year ended September 30, 2001.

GAO’s inspector general conducts audits and investigations and functions as an independent fact-gathering and technical adviser to the comptroller general. This year, as a result of the inspector general’s efforts, we have improved our policies and internal controls on the use of purchase and travel cards, oversight of unexpended prior-fiscal-year obligations, administering security clearances, and tracking continuing professional education credits earned by GAO employees.

> Read entire article (log in required - registration is free) TOP


 FDIC Information Security: Improvements Made but Weaknesses Remain

To the Board of Directors Federal Deposit Insurance Corporation:

We reviewed information systems general controls[Footnote 1] in connection with our calendar year 2001 financial statement audits of the Federal Deposit Insurance Corporation’s (FDIC) Bank Insurance Fund, Savings Association Insurance Fund, and FSLIC (Federal Savings and Loan Insurance Corporation) Resolution Fund.[Footnote 2] Effective information system controls are essential to ensuring that financial information is adequately protected from inadvertent or deliberate misuse, fraudulent use, improper disclosure, or destruction. Such controls also affect the security and reliability of nonfinancial information, such as personnel and bank examination information maintained by FDIC. Our evaluation included a follow-up review of the information security weaknesses identified at FDIC in our financial statement audits for calendar year 2000.[Footnote 3]

This report summarizes weaknesses in information systems controls over FDIC’s computer systems. We are also issuing a report designated for “Limited Official Use Only,” which describes in more detail the computer security weaknesses identified and offers specific recommendations for correcting them.

> Read entire article (log in required - registration is free) TOP







Terms of Service | Advertise | Archive | Site Map | Contact | Bank Information Security RSS Syndication RSS Syndication
Copyright © 2007 BankInfoSecurity.com