Audits
NTSB Information Security Program
September 28, 2004
Project ID: FI-2004-097
Summary
We issued our final report on NTSB’s Information Security Program required by Federal Information Security Management Act of 2002. We found that NTSB needs to implement an agency-wide information security program and strengthen network security to prevent unauthorized access by insiders. We recommend that NTSB designate a Chief Information Officer, implement an information security management program and enhance NTSB network security.