Information Security Risk Assessment: Practices of Leading Organizations

AIMD-00-33 Published: Nov 01, 1999. Publicly Released: Nov 01, 1999.
Jump To:
Highlights

This document is a supplement to GAO's May 1998 executive guide on information security management. It is intended to help federal managers implement an ongoing information security risk assessment process by providing examples, or case studies, of practical risk assessment procedures that have been successfully adopted by four organizations known for their efforts to implement good risk assessment practices.

Full Report

Full Report (50 pages)
Office of Public Affairs
Topics
Information Security
Best practicesBest practices reviewsComputer securityData integrityInformation resources managementInformation security managementInformation technologyInternal controlsRisk managementRisk assessment