Nearly half of the 34 departmental posts and bureaus audited by the inspector general from April to September 2006 displayed shortcomings in IT security, according to the report.
These shortcomings were apparent in classified data being stored in unclassified systems, inadequate separation of duties among IT employees and missing or inadequate documentation on security settings used to protect data.
Despite progress in addressing privacy and in reporting computer hacking incidents, the department also shows inadequacies in its Federal Information Security Management compliance and documentation.
The link for this article located at GCN is no longer available.
