Skip to main content

Computer Security: Governmentwide Planning Process Had Limited Impact

IMTEC-90-48 Published: May 10, 1990. Publicly Released: May 10, 1990.
Jump To:
Skip to Highlights

Highlights

Pursuant to a congressional request, GAO reviewed the governmentwide computer security planning and review process that the Computer Security Act of 1987 required, focusing on: (1) 10 civilian agencies' planning processes and implementation of planned controls in 22 selected plans; and (2) the National Institute of Standards and Technology's (NIST) and the National Security Agency's (NSA) review of plans.

Full Report

Office of Public Affairs

Topics

Baseline security controlsComputer securityConfidential communicationsFederal agenciesInformation systemsInternal controlsReporting requirementsStandards evaluationComputer resources managementRight of privacy