Information Security: Securities and Exchange Commission Needs to Continue to Improve Its Program

United States Government Publishing Office publisher pbl distributor dst United States Government Accountability Office author aut Government Organization text government publication eng GAOREPORTS Legislative Agency Publications gao legislative 2010-08-12 U.S. Government Printing Office 2006-03-31 monographic deposited born digital 30 p. GA 1.13:GAO-06-408 https://www.govinfo.gov/app/details/GAOREPORTS-GAO-06-408 P0b002ee18038b6cb f:d06408 DGPO 2010-08-12 2011-03-24 GAOREPORTS-GAO-06-408 machine generated eng fdlp REPORT GAOREPORTS-GAO-06-408 GAO-06-408 Baseline security controls Computer security Information security Information security management Information systems Internal controls Security assessments System vulnerabilities Classified information Data integrity Risk management Other Written Product A50565

Information Security: Securities and Exchange Commission Needs to Continue to Improve Its Program The Securities and Exchange Commission (SEC) has a demanding responsibility enforcing securities laws, regulating the securities markets, and protecting investors. In enforcing these laws, SEC issues rules and regulations to provide protection for investors and to help ensure that the securities markets are fair and honest. It relies extensively on computerized systems to support its financial and mission-related operations. Information security controls affect the integrity, confidentiality, and availability of sensitive information maintained by SEC. As part of the audit of SEC's fiscal year 2005 financial statements, GAO assessed (1) the status of SEC's actions to correct or mitigate previously reported information security weaknesses and (2) the effectiveness of the commission's information system controls in protecting the confidentiality, integrity, and availability of its financial and sensitive information. https://www.govinfo.gov/content/pkg/GAOREPORTS-GAO-06-408/html/GAOREPORTS-GAO-06-408.htm https://www.govinfo.gov/content/pkg/GAOREPORTS-GAO-06-408/pdf/GAOREPORTS-GAO-06-408.pdf GAO-06-408 https://www.govinfo.gov/app/details/GAOREPORTS-GAO-06-408 Other Written Product GAO-06-408; Information Security: Securities and Exchange Commission Needs to Continue to Improve Its Program; Baseline security controls Computer security Information security Information security management Information systems Internal controls Security assessments System vulnerabilities Classified information Data integrity Risk management United States Code Title 31 Section 720 31 U.S.C. 720