Government auditors certified and accredited 77% of the federal government’s 8,623 IT systems after undergoing risk assessments and security-control testing last fiscal year, up from 62% in fiscal year 2003, according to White House. 85% of federal IT systems had security costs incorporated into their life-cycle planning costs, up from 77% in 2003.
77% had management, operational, and technical controls tests, up from 64%. 75% had contingency plans designed to ensure continuity of operation. Officials tested 57% of these systems. In 2003, 68% had contingency plans and only 48% were tested. All agencies have begun developing and implementing security-configuration policies for at least some of their operating systems, the first time that claim can be made. 88% of all federal-government employees received some IT security training 2004 at a cost of $55 million, or $13.33 for each worker.