Skip to main content

Lapse in Appropriations

Please note that a lapse in appropriations has caused GAO to shut down its operations. Therefore, GAO will not be able to publish reports or otherwise update this website until GAO resumes operations. In addition, the vast majority of GAO personnel are not permitted to work. Consequently, calls or emails to agency personnel may not be returned until GAO resumes operations. For details on how the bid protest process will be handled during the shutdown, please see the legal decisions page. For information related to the GAO Personnel Appeals Board (PAB), please see the PAB webpage.

Information Security Risk Assessment: Practices of Leading Organizations

AIMD-00-33 Published: Nov 01, 1999. Publicly Released: Nov 01, 1999.
Jump To:

Highlights

This document is a supplement to GAO's May 1998 executive guide on information security management. It is intended to help federal managers implement an ongoing information security risk assessment process by providing examples, or case studies, of practical risk assessment procedures that have been successfully adopted by four organizations known for their efforts to implement good risk assessment practices.

Full Report

Full Report (50 pages)

Media Inquiries

Sarah Kaczmarek
Managing Director
Office of Public Affairs
media@gao.gov

Public Inquiries

Contact Us

Topics

Information Security
Best practicesBest practices reviewsComputer securityData integrityInformation resources managementInformation security managementInformation technologyInternal controlsRisk managementRisk assessment