trending Market Intelligence /marketintelligence/en/news-insights/trending/somKIKfBlj9Ah-T8dmnO4A2 content esgSubNav
In This List

GAO: Room for improvement exists in SEC controls

Blog

Insight Weekly: Earnings learnings; Duke Energy hits back; PE activity surges

Blog

Banking Essentials Newsletter: July Edition - Part 3

Blog

Q&A: Data That Delivers - Automating the Credit Risk Workflow

Blog

Gauging Supply Chain Risk In Volatile Times


GAO: Room for improvement exists in SEC controls

A recently released report from the U.S. Government AccountabilityOffice said that while the SEC has improved its information security by addressingpreviously identified weaknesses, there is still room for improvement in its controlsover financial systems and data.

The GAO identified weaknesses in the SEC's controls such as failureto consistently protect its network from outside intrusions as well as impropermanagement of systems configurations. The report also indicated that the SEC didnot fully update, review or complete its information system's contingency and disasterrecovery plans, in addition to failing to always appropriately separating incompatibleand critical duties in its three computing environments.

According to the GAO, the problems partly stem from the agency'sfailure to fully implement a federally required organizationwide information securityprogram. In addition, among other things, the GAO also called out the SEC for notregularly updating and reviewing its policies on information security and failingto implement a means to have its systems and networks continuously monitored.

The GAO said that of 20 weaknesses it previously identified thatremained unresolved as of Sept. 30, 2014, the SEC had resolved five and made progressin addressing the other 15 as of Sept. 30, 2015. Two resolved weaknesses were importantto improving SEC security.