WHID 2005-20: Security gaps found in EPA contracting system

An audit of a major Environmental Protection Agency contract management system uncovered significant security lapses that, if exploited by hackers, could have serious consequences for the agency's operations, assets and personnel. The audit focused on lack of monitoring for known vulnerabilities on these systems.

Additional information:

• Security gaps found in EPA contracting system [GovExec, Feb 3 2006]
• Information Security Series: Security Practices - Integrated Contract Management System [EPA, Jan 31 2006]