Independent Evaluation of GAO's Information Security Program and Practices--Fiscal Year 2008

This is a publication by GAO's Inspector General that concerns internal GAO operations. The Office of Inspector General (OIG) performed an independent evaluation of GAO's information security program and practices for fiscal year 2008 as prescribed by the Federal Information Security Management Act of 2002 (FISMA). GAO is not obligated by law to comply with FISMA, but has adopted the law's requirements to strengthen its information security program and demonstrate its ongoing commitment to lead by example.