Review of the Department of Justice’s Reporting Procedures for Loss of Sensitive Electronic Information
Evaluation and Inspections Report I-2007-005
Office of the Inspector General
|U. S. Department of Justice
United States Marshals Service
Washington, DC 20530-1000
May 25, 2007
|MEMORANDUM TO:||Paul A. Price
Assistant Inspector General for Evaluation and Inspections
|FROM:||Diane C. Litman (signature)
|SUBJECT:||Assistant Director for Information Technology Response to Assignment # A-2006-010, Review of the Department of Justice's Reporting Procedures for Loss of Sensitive Electronic Information
In response to your memorandum dated May 2, 2007, the United States Marshals Service (USMS) concurs with the eight recommendations in the report, although there are reservations about the practicality of the 1 hour reporting requirement in a real-world environment. With regard to those recommendations that require immediate component vs. Department action, the USMS will take the described actions by the dates noted:
Recommendation #1: The USMS will update its IT security policy not later than June 30, 2007, to include the procedures to be followed for reporting computer security incidents after hours.
Recommendation #2: Nothing in the audit report indicated that there was a problem with USMS reporting procedures for classified information, so no action is planned.
Recommendation #8: The USMS will ensure that not later than June 30, 2007, the procedures issued by various organizations within the agency do not have conflicting or inconsistent chain-of-command reporting procedures, and that staff titles and internal department designations are correct and up-to-date.
Questions concerning this response should be directed to Claire Adams on 202-307-9566.
|cc:||Kevin Deeley, DOJ OCIO, ITSS
Claire Adams, USMS, ITS
Alfred (Bud) Clark, USMS, ITS
Maria Alicia Ortiz, USMS, Audit Liaison
|« Previous||Table of Contents||Next »|