The GAO found that many Department of the Interior requirements for physically safeguarding proprietary data are not being met. Although the GAO found no instances where proprietary data have been improperly disclosed, the GAO found several instances where access to such data by unauthorized persons is not adequately controlled. In addition, the GAO found that MMS regional offices have inadequate internal controls in computer operations using proprietary data. The GAO believes that MMS regional offices need to: (1) establish procedures for backing up computerized data; (2) establish proper controls over access to computer systems; (3) properly identify computer tapes and output that contain proprietary data; and (4) protect computer equipment which can be accessed by telephone. The GAO also found that MMS regional offices have not completed risk analyses to determine the appropriate levels of security over proprietary data.