Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
Federal government auditors have identified weaknesses in the technical controls protecting the security of the federally run Obamacare HealthCare.gov website and systems, which they say create increased and unnecessary risks.
Because of increasing cyber-attacks against government agencies, the inspector general says it's crucial for the State Department to address the continuing weaknesses in its information security program.
A combination of technical and managerial problems set the stage for hackers to breach a Department of Energy database last summer, a new report shows. The incident cost the department millions of dollars.
All businesses, regardless of industry, need to manage the exploding universe of identities, devices and data that employees require to do their jobs. And the growing use of mobile devices and cloud computing means risk management and compliance is extending beyond traditional enterprise boundaries. Add regulatory...
Federal regulators plan to launch a permanent HIPAA compliance audit program in 2014 that targets a larger number of organizations but covers a narrower scope of issues. Learn the details the nation's top HIPAA enforcer revealed.
A government audit reveals that the Census Bureau does not do a good enough job protecting the confidentiality of its data - a stinging conclusion, considering the bureau collects personal information about every individual residing in the United States.
The Government Accountability Office is preparing a comprehensive analysis of the nation's cybersecurity strategy to determine its effectiveness in securing government IT and critical information infrastructures.
More than half of U.S. Department of Energy desktop systems tested by the inspector general failed to apply security patches for known vulnerabilities, though the software fixes were issued months earlier.