U.S. Department of Energy Evaluation Report: The Department's Unclassified Cyber Security Program - 2008 [open pdf - 402KB]
The Federal Information Security Management Act (FISMA) required the Office of Inspector General (IG) of the Department of Energy to conduct annual evaluations of the Department's unclassified cyber security program. This report presents the results of the evaluation for FY 2008. The IG concludes that "[t]he Department continues to make incremental improvements in its unclassified cyber security program. Our evaluation disclosed that various sites had taken action to address weaknesses previously indentified in our FY 2007 evaluation report by strengthening configuration management of networks and systems and by updating local policies and procedures related to laptop computers and incident reporting. […]. While these are positive accomplishments, additional action is required to further enhance the Department's unclassified cyber security program and help reduce risks to its systems and data."
Department of Energy, Office of Inspector General 0801; DOE/IG-0801
Office of the Inspector General, Department of Energy: http://www.ig.energy.gov/