Information Security: Answers to Posthearing Questions

AIMD-99-272R Published: Aug 09, 1999. Publicly Released: Aug 09, 1999.
Jump To:
Skip to Highlights

Pursuant to a congressional request, GAO responded to congressional questions regarding its June 24, 1999, testimony on the need for stronger information security management, focusing on: (1) the effectiveness of federal agencies' implementation of the 1987 Computer Security Act; (2) what gaps the Presidential Decision Directive (PDD) No. 63 will fill within existing federal programs that would improve the security of federal computer systems; (3) how GAO's Information Security Management guide differ from existing National Institute of Standards Technology (NIST) issued guidelines and bulletins, and how agencies responded to the guidelines; and (4) whether the 1992 information security audits conducted by NIST and National Security Agency (NSA) were effective and useful and whether NIST and NSA should perform these audits on a regular basis.

Full Report