ABSTRACT

Information Security: SEC Needs to Improve Controls over Financial Systmes and Data, Report to the Chair, U.S. Securities and Exchange Commission   [open pdf - 567KB]

From the Highlights: "SEC [Securities and Exchange Commission] is responsible for enforcing securities laws, issuing rules and regulations that protect investors, and helping to ensure that securities markets are fair and honest. In carrying out its mission, the commission relies extensively on computerized systems that collect and process financial and sensitive information. Accordingly, it is essential that SEC have effective information security controls in place to protect this information from misuse, fraudulent use, improper disclosure, manipulation, or destruction. As part of its audit of SEC's fiscal years 2013 and 2012 financial statements, GAO assessed the commission's information security controls. The objective was to determine the effectiveness of information security controls for protecting the confidentiality, integrity, and availability of SEC's key financial systems and information. To do this, GAO [Government Accountability Office] assessed security controls in key areas by reviewing SEC documents, testing selected systems, and interviewing relevant officials."

Report Number:
GAO-14-419
Publisher:
Date:
2014-04
Copyright:
Public Domain
Retrieved From:
Government Accountability Office: http://www.gao.gov/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations