Executive Guide: Information Security Management, Learning from Leading Organizations, Accounting and Information Management Division [open pdf - 239KB]
"Increased computer interconnectivity and the popularity of the Internet are offering organizations of all types unprecedented opportunities to improve operations by reducing paper processing, cutting costs, and sharing information. However, the success of many of these efforts depends, in part, on an organization's ability to protect the integrity, confidentiality, and availability of the data and systems it relies on. Deficiencies in federal information security are a growing concern. In a February 1997 series of reports to the Congress, GAO designated information security as a government wide high-risk area. In October 1997, the President's Commission on Critical Infrastructure Protection described the potentially devastating implications of poor information security from a broader perspective in its report entitled Critical Foundations: Protecting America's Infrastructures. Since then, audit reports have continued to identify widespread information security weaknesses that place critical federal operations and assets at risk. This guide is one of a series of GAO publications that are intended to define actions federal officials can take to better manage their information resources."
Government Accountability Office (GAO): http://www.gao.gov/