The Financial Crimes Enforcement Network (FinCEN) relies extensively on its own computer systems, as well as those at the IRS to administer the Bank Secrecy Act (BSA) and fulfill its mission of safeguarding the U.S. financial system from financial crimes. Effective info. security controls over these systems are essential to ensuring that BSA data, which contains sensitive financial info. used by law enforcement agencies to prosecute financial crime, is protected from inappropriate or deliberate misuse, improper disclosure, or destruction. This report evaluated whether security controls that effectively protect the confidentiality, integrity, and availability of the info. and systems that support FinCEN's mission have been implemented. Illus.

NASA relies extensively on information systems and networks to pioneer space exploration, scientific discovery, and aeronautics research. Many of these systems and networks are interconnected through the Internet, and may be targeted by evolving and growing cyber threats from a variety of sources. This report: (1) determines whether NASA has implemented appropriate controls to protect the confidentiality, integrity, and availability of the information and systems used to support NASA¿s mission directorates; and (2) assesses NASA¿s vulnerabilities in the context of prior incidents and corrective actions. The report examined network and system controls in place at 3 centers; and analyzed IS policies, plans, and reports.

Weaknesses in information security (IS) in the fed. gov¿t. are a problem with potentially devastating consequences -- such as intrusions by malicious users, compromised networks, & the theft of personally identifiable info; it is a high-risk issue. Concerned by reports of significant vulnerabilities in fed. computer systems, Congress passed the Fed. Info. Security Mgmt. Act of 2002 (FISMA), which authorized & strengthened the IS program, eval¿n., & reporting require. for fed. agencies. This testimony discusses security incidents reported at fed. agencies, the continued weaknesses in IS controls at major fed. agencies, agencies¿ progress in performing key control activities, & oppor. to enhance FISMA reporting & independent evaluations. Tables.