Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems

Abstract

Historically, civilian and national security-related information technology (IT) systems have been governed by different information security policies and guidance. Specifically, the Office of Management and Budget and the Department of Commerce's National Institute of Standards and Technology (NIST) established policies and guidance for civilian non-national security systems, while other organizations, including the Committee on National Security Systems (CNSS), the Department of Defense (DOD), and the U.S. intelligence community, have developed policies and guidance for national security systems. GAO was asked to assess the progress of federal efforts to harmonize policies and guidance for these two types of systems. To do this, GAO reviewed program plans and schedules, analyzed policies and guidance, assessed program efforts against key practices for cross agency collaboration, and interviewed officials responsible for this effort.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2010
Accession Number
ADA530094

Entities

Organizations

  • United States Government Accountability Office

Tags

Communities of Interest

  • Cyber
  • Space
  • Weapons Technologies

DTIC Thesaurus Topics

  • Air Force
  • Application Software
  • Commerce
  • Congress
  • Cybersecurity
  • Department Of Defense
  • Electronic Mail
  • Information Security
  • Information Systems
  • Intelligence Community (United States)
  • Interagency Coordination
  • Law
  • National Security
  • Security
  • Teamwork
  • United States
  • United States Government

Readers

  • Defense Acquisition Program Management
  • Defense Technology Research and Development.
  • Government and Public Administration Law.