GAO COMMITS TO REPORT TO DINGELL, BARTON, OTHER KEY LAWMAKERS BY APRIL 15, 2005, ON INFORMATION SECURITY AT CRITICAL FINANCIAL MARKET ORGANIZATIONSWashington, D.C. – Rep. John D. Dingell (D-Mich), Ranking Member of the House Committee on Energy and Commerce, today released a commitment letter dated November 22, 2004, from the Government Accountability Office (GAO), agreeing to submit a report by April 15, 2005, to Energy and Commerce requesters on the findings of GAO’s in-depth review of the adequacy of the information security programs at seven critical financial market organizations. According to GAO, these organizations either perform a unique function necessary to the markets or operate on such a large scale that disruption in the operations of one of these organizations would severely impair the ability of the financial markets to function. Because of the highly sensitive nature of these operations, the organizations will not be identified by name in the report and the results of this work will be summarized in correspondence that will describe actions being taken by the organizations to address problems identified by GAO. GAO’s work will assess whether the information security programs at these organizations have (1) appropriate policies and management oversight, (2) controls that appear to be sufficient to prevent unauthorized access, (3) intrusion detection systems capable of identifying cyber attacks on all critical systems, and (4) regular vulnerability assessments that review all relevant aspects of all critical systems. This report was requested by letter dated February 12, 2003, from Reps. Barton, Dingell, Upton, Markey, Stearns, and Schakowsky, and is a companion to GAO’s September 27, 2004 report, Potential Terrorist Attacks: Additional Actions Needed to Better Prepare Critical Financial Market Participants. The Committee on Energy and Commerce has jurisdiction over the communications networks on which financial markets and other strategic industries rely. -30- |
||
|