Skip to main content

Revisions to OMB's Circular A-130

AIMD-95-151R Published: Jun 01, 1995. Publicly Released: Jun 01, 1995.
Jump To:
Skip to Highlights

Highlights

GAO commented on the proposed revision to Office of Management and Budget (OMB) Circular A-130 regarding the security of federal automated information systems. GAO noted that: (1) it endorses holding management and users accountable for the security of their information resources, particularly regarding rules of behavior, system-specific training for users, reporting material information security weaknesses, and mandating National Institute of Standards and Technology assistance before agencies adopt new technologies; and (2) OMB could improve its revision by providing a specific risk assessment requirement that describes the role of risk assessments in the context of an agency's overall security program, ensures the independence and structure of, and accountability for security reviews, and provides guidance on how agencies could ensure the security of shared information.

Full Report

Office of Public Affairs

Topics

AccountabilityAutomated security systemsComputer networksComputer securityFederal regulationsInformation resources managementInformation securityInformation systemsInteragency relationsInternal controlsReporting requirementsSystems designRisk assessments