Computer Security: Governmentwide Planning Process Had Limited Impact
IMTEC-90-48
Published: May 10, 1990. Publicly Released: May 10, 1990.
Skip to Highlights
Highlights
Pursuant to a congressional request, GAO reviewed the governmentwide computer security planning and review process that the Computer Security Act of 1987 required, focusing on: (1) 10 civilian agencies' planning processes and implementation of planned controls in 22 selected plans; and (2) the National Institute of Standards and Technology's (NIST) and the National Security Agency's (NSA) review of plans.
Full Report
Office of Public Affairs
Topics
Baseline security controlsComputer securityConfidential communicationsFederal agenciesInformation systemsInternal controlsReporting requirementsStandards evaluationComputer resources managementRight of privacy