VA awards contract for security test

The Department of Veterans Affairs has awarded Corbett Technologies a one-year

contract to assess the VA's computer security systems.

The small, veteran-owned company will evaluate every VA security system

and develop recommendations to make sure the agency complies with federal

regulations. The criteria will be used by the VA's 172 hospitals and 500

other VA facilities.

In addition, four area offices and 58 regional offices as well as the National

Cemetery Administration will use the recommendations to help develop a comprehensive

information systems security program, according to Corbett, an Alexandria,

Va.- based security consulting firm.

"This contract demonstrates the VA's commitment to implement a comprehensive,

integrated security management program to ensure that the VA's information

assets are adequately protected against unauthorized access, theft, misuse

or loss," said Barry Stauffer, Corbett's president and chief executive officer.

The federal government requires every federal agency to undergo an independent

technical evaluation every three years. It also requires that the system

be approved for operations.

The VA has come under repeated criticism for failing security tests. Earlier

this year, an independent consulting company hired by the government was

able to break into the VA computer system and obtain confidential data about

veterans.