From: InfoSec News (alertsinfosecnews.org)
Date: Thu Jun 10 2010 - 01:27:26 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.informationweek.com/news/government/enterprise-apps/showArticle.jhtml?articleID=225600134

By Elizabeth Montalbano
InformationWeek
June 9, 2010

Federal auditors have criticized the security and design of a General
Services Administration e-travel system, suggesting changes to it as
part of a yearly review of the agency's IT process.

In the Office of the Inspector General's semiannual report to Congress,
auditors said that the GSA's implementation of the E2 Solutions travel
management system has security and usability issues that, among other
things, don't properly measure the performance of the system and make it
unfriendly for users, particularly disabled ones.

"GSA's implementation of E2 has not provided the level of scrutiny
necessary to ensure that internal and financial controls adequately
mitigate operational risks," auditors wrote in the report. "In addition,
targeted goals and performance measures necessary to comprehensively
assess how well E2 meets GSA's travel management needs are not yet in
place."

Specifically, the report said the GSA needs to assess the costs incurred
with E2's implementation against the multiple contracts used to
facilitate operations of the system. Also, the agency needs more
oversight and control points when it comes to distributing funds.

[...]

_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]