Safeguarding of Proprietary Data at Minerals Management Service OCS Regional Offices

Gao ID: 124360 May 24, 1984

GAO reviewed the Minerals Management Service's (MMS) procedures for ensuring the confidentiality of proprietary data, focusing on both physical and computer security.

GAO found that many Department of the Interior requirements for physically safeguarding proprietary data are not being met. Although GAO found no instances where proprietary data have been improperly disclosed, GAO found several instances where access to such data by unauthorized persons is not adequately controlled. In addition, GAO found that MMS regional offices have inadequate internal controls in computer operations using proprietary data. GAO believes that MMS regional offices need to: (1) establish procedures for backing up computerized data; (2) establish proper controls over access to computer systems; (3) properly identify computer tapes and output that contain proprietary data; and (4) protect computer equipment which can be accessed by telephone. GAO also found that MMS regional offices have not completed risk analyses to determine the appropriate levels of security over proprietary data.



The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.