GovWhitePapers Logo

Sorry, your browser is not compatible with this application. Please use the latest version of Google Chrome, Mozilla Firefox, Microsoft Edge or Safari.

Cybersecurity: Agencies Need to Fully Establish Risk Management Programs and Address Challenges

Federal agencies face a growing number of cyber threats to their systems and data. To protect against these threats, federal law and policies emphasize that agencies take a risk based approach to cybersecurity by effectively identifying, prioritizing, and managing their cyber risks. In addition, OMB and DHS play important roles in overseeing and supporting agencies’ cybersecurity risk management efforts.

Key practices for establishing an agency-wide cybersecurity risk management program include designating a cybersecurity risk executive, developing a risk management strategy and policies to facilitate risk-based decisions, assessing cyber risks to the agency, and establishing coordination with the agency’s enterprise risk management (ERM) program.

  • Author(s):
  • Government Accountability Office (GAO)
  • Share this:
  • Share on Facebook
  • Share on Twitter
  • Share via Email
  • Share on LinkedIn
Cybersecurity: Agencies Need to Fully Establish Risk Management Programs and Address Challenges
Format:
  • White Paper
Topics:
Website:Visit Publisher Website
Publisher:Government Accountability Office (GAO)
Published:July 1, 2019
License:Public Domain

Featured Content

Contact Publisher

Claim Content