GAO: Security, privacy controls threaten U.S. Visit

The Homeland Security Department has been so slow in assessing and testing basic system security and privacy controls for the U.S. Visitor and Immigrant Status Indicator Technology that it may be jeopardizing the success of the program, according to a new report from the Government Accountability Office.

U.S. Visit uses sophisticated technology systems to check fingerprints and photographs from foreign visitors arriving in the United States to verify their identities. The multibillion-dollar program is intended to serve as one of the cornerstones of the nation's immigration and border control policy.

GAO has been reviewing the program's effectiveness since 2002, and has made 18 strategic recommendations for management improvements.

The key recommendation, which GAO issued about 30 months ago and that has yet to be adopted, is to develop and begin implementing a system security plan and a privacy impact assessment.

Overall, DHS has implemented just two of the 18 recommendations, partially completed 11 and is just beginning on five, GAO said.

'Although considerable time has passed since the recommendations were made, key actions have not yet been taken,' GAO said. The department lags in assessing security risks and planning cost-effective controls to address the risks, weighing the project's value against its cost and risk, and testing the controls, the report said.

The department has been stalled for two years or more on seven of the 11 partially finished goals, and for more than 10 months on seven of the other goals, the GAO said.

'The longer that U.S. Visit takes to implement the recommendations, the greater the risk that the program will not meet its stated goals on time and within budget,' the report states.

Alice Lipowicz is a staff writer for Government Computer News' sister publication, Washington Technology.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

inside gcn

  • Phishing

    Phishing is still a big problem, but users can help shrink it

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group