"This report presents the results of our annual audit of the information security program at the Department of Transportation. In accordance with the Federal Information Security Management Act of 2002 (FISMA), our objective was to determine the effectiveness of the Department's information security program, especially in the areas of (1) meeting the minimum Government security standards to protect sensitive information systems and data, (2) establishing a secure network operating environment at the Department's new Headquarters building and other key locations, (3) correcting security weaknesses identified previously in the air traffic control system, and (4) implementing earned value management to better monitor major information technology (IT) investment projects."
Department of Transportation, Office of Inspector General, Report No. FI-2008-001
Dept. of Transportation Office of Inspector General: http://www.oig.dot.gov