About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

IMTEC-93-10R 1 (1992-12-14)

handle is hein.gao/gaobackeq0001 and id is 1 raw text is: United States GAD4I General Accounting Office Wahington, D.C. 2048 Information Manaement and Technology Division B-[25 14 54 December 14, 1992 148127 Mr. Dallas L. Peck Director U.S. Geological Survey Dear Mr. Peck: We recently tested the use of an automated auditing software package, Expert Auditor, to assess technical and operational security controls of the National Earthquake Information Service's Seismic Data Analysis System (SEDAS). This test, which was conducted in cooperation with the Geological Survey, was valuable in helping us to assess how well this software worked. In addition, the test yielded some information about SEDAS security that you might find useful. This letter describes the results of our audit of SEDAS using Expert Auditor. Details of our objective, scope, and methodology are discussed in enclosure I SEDAS is a mission-critical system that provides information on the location of earthquakes to the academic community, the private sector, and to other government agencies throughout the U.S. and the world. This information is used to trigger rapid deployment of rescue teams and resulted in saving thousands of lives in the recent earthquakes in Romania and Iran. SECURITY CONTROLS ARE GENERALLY ADEQUATE SEDAS, in most respects, has adequate safeguards and controls in place to mitigate many of the security risks, such as loss of data and availability of service, associated with automation. Officials responsible for managing .and-operating the system were generally knowledgeable of computer security issues. These officials have appropriately put in place a variety of technical security controls, including passwords, backups, access controls, and physical security controls, to protect SEDAS and its computer resources. Although we identified security weaknesses concerning privacy data, GAO/IMTEC-93-10R, Geological Survey: Computer Security oq1tq to 1;

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most