Impact of the Governmentwide Computer Security Planning and Review Process
T-IMTEC-90-11
Published: Jul 10, 1990. Publicly Released: Jul 10, 1990.
Skip to Highlights
Highlights
GAO discussed the governmentwide computer security planning and review process implemented under the Computer Security Act of 1987. GAO found that: (1) agency plans developed under the act are reporting requirements, rather than tools for managing agency security programs; and (2) National Institute of Standards and Technology and National Security Agency review comments on agency plans were general and of limited use with regard to specific computer security problems. GAO believes that the planning and review process has little impact on agency computer security programs.
Full Report
Office of Public Affairs
Topics
Computer securityFederal agenciesInformation disclosureInformation systemsInteragency relationsInternal controlsStandards evaluationSensitive informationInformation managementTechnical assistance