Impact of the Governmentwide Computer Security Planning and Review Process

Gao ID: T-IMTEC-90-11 July 10, 1990

GAO discussed the governmentwide computer security planning and review process implemented under the Computer Security Act of 1987. GAO found that: (1) agency plans developed under the act are reporting requirements, rather than tools for managing agency security programs; and (2) National Institute of Standards and Technology and National Security Agency review comments on agency plans were general and of limited use with regard to specific computer security problems. GAO believes that the planning and review process has little impact on agency computer security programs.

The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.