Sorry, your browser is not compatible with this application. Please use the latest version of Google Chrome, Mozilla Firefox, Microsoft Edge or Safari.
Cybersecurity: Agencies Need to Fully Establish Risk Management Programs and Address Challenges
Federal agencies face a growing number of cyber threats to their systems and data. To protect against these threats, federal law and policies emphasize that agencies take a risk based approach to cybersecurity by effectively identifying, prioritizing, and managing their cyber risks. In addition, OMB and DHS play important roles in overseeing and supporting agencies’ cybersecurity risk management efforts.
Key practices for establishing an agency-wide cybersecurity risk management program include designating a cybersecurity risk executive, developing a risk management strategy and policies to facilitate risk-based decisions, assessing cyber risks to the agency, and establishing coordination with the agency’s enterprise risk management (ERM) program.
| Format: |
|
| Topics: | |
| Website: | Visit Publisher Website |
| Publisher: | Government Accountability Office (GAO) |
| Published: | July 1, 2019 |
| License: | Public Domain |
Featured Content
Contact Publisher
Claim Content