Two reports just released by the Energy Department's inspector general are critical of the department's cybersecurity efforts.
In a special report released Dec. 19, cybersecurity is one of seven areas that IG Gregory Friedman considers a significant management challenge for the department.
"[O]ur annual evaluation of the department's unclassified cybersecurity program noted weaknesses that could compromise critical systems if left uncorrected," the report stated. "We found problems with ensuring that: (1) only authorized individuals could access information resources; (2) duties and responsibilities for processing financial transactions were properly segregated; and (3) modifications to applications and systems were authorized and properly controlled."
In the area of financial management, in a separate memo to Energy secretary Samuel Bodman dated Nov. 14 but posted to the IG's Web site in the past few days, Friedman reported that the department failed its financial audit for fiscal 2005. He attributed much of the failure to problems in implementing a new accounting system.