Federal agencies are making “significant strides” in dealing with longstanding IT security issues but much work remains, according to the Office of Management and Budget’s (OMB) FY 2002 Report to Congress on Federal Government Information Security Reform. Although the report says the Bush administration has “applied more rigorous IT security reviews, more threats and vulnerabilities have also materialized.” The OMB is required by law to conduct annual federal IT security reviews under the Government Information Security Reform Act (GISRA). The law also mandates Inspector Generals to perform annual independent security reviews of agency programs and systems and report the results to the OMB. Full Story