Energy struggles with IT security, financial systems
- By Patience Wait
- Dec 19, 2005
Two reports just released by the Energy Department's inspector general are critical of the department's cybersecurity efforts.
In a special report
released Dec. 19, cybersecurity is one of seven areas that IG Gregory Friedman considers a significant management challenge for the department.
'[O]ur annual evaluation of the department's unclassified cybersecurity program noted weaknesses that could compromise critical systems if left uncorrected,' the report stated. 'We found problems with ensuring that: (1) only authorized individuals could access information resources; (2) duties and responsibilities for processing financial transactions were properly segregated; and (3) modifications to applications and systems were authorized and properly controlled.'
Other significant challenges facing Energy include national security issues, contract administration, project management, and financial management and reporting.
In the area of financial management, in a separate memo to Energy secretary Samuel Bodman dated Nov. 14 but posted
to the IG's Web site in the past few days, Friedman reported that the department failed its financial audit for fiscal 2005. He attributed much of the failure to problems in implementing a new accounting system.
Friedman included the problems with cybersecurity in unclassified networks in his report on the audit.
'The identified weaknesses and vulnerabilities increased the risk that malicious destruction or alteration of data or unauthorized processing could occur,' he wrote.