Coast Guard said to fall short on IT security

The Coast Guard showed little progress in 2007 in correcting more than 40 weaknesses in its information technology security that pertains to its financial systems, according to a recent audit.

Auditors found 42 IT-related control deficiencies, of which 40 were repeated deficiencies, either partially or fully, from the year before. The 52-page IT Management Letter with that conclusion was released by KPMG LLP auditing firm as part of the 2007 Homeland Security Department Financial Systems Audit.
Among the problems the audit found:

  • Thirteen outside contractors were foreign nationals with sensitive IT security positions who did not have appropriate waivers from DHS;

  • System change requests from the Coast Guard’s Personnel Service Center were not always being appropriately documented;

  • A major financial application was not properly certified and accredited in compliance with departmental policies.

In general, problems were found with excessive access to financial applications, too few controls on processes to change applications, completeness of personnel background checks, weaknesses in patch management for software, and lack of testing for system recovery after a disaster, the report said.

“Several significant and serious IT general control weaknesses remain that collectively limit Coast Guard's ability to ensure that critical financial and operational data is maintained in a manner to ensure confidentiality, integrity, and availability,” KPMG wrote.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.


  • People
    Dr. Ronny Jackson briefs the press on President Trump

    Uncertainty at VA after nominee withdraws

    With White House physician Adm. Ronny Jackson's withdrawal, VA watchers are wondering what's next for the agency and its planned $16 billion health IT modernization project.

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.