Computer Security

Status of Compliance With the Computer Security Act of 1987 Gao ID: IMTEC-88-61BR September 22, 1988

Pursuant to a congressional request, GAO reviewed whether federal agencies complied with provisions of the Computer Security Act of 1987, specifically whether, by July 8, 1988: (1) the Office of Personnel Management (OPM) had issued regulations prescribing the procedures and scope of training for federal civilian employees; and (2) federal agencies had identified which computer systems contained sensitive information.

GAO found that: (1) OPM distributed an interim training regulation on July 8, 1988, which did not become effective until July 13, 1988; (2) 65 of 84, or about 77 percent of the federal agencies subject to the act, reported that, as of July 8, 1988, they had identified all of their computer systems that contained sensitive information; (3) nine agencies reported that they had identified all of their systems as of September 8, 1988; (4) six agencies estimated that they would complete identification by December 1988; and (5) four agencies did not respond to the questionnaire.



The Justia Government Accountability Office site republishes public reports retrieved from the U.S. GAO These reports should not be considered official, and do not necessarily reflect the views of Justia.