See Links BelowCIT

The United States General Accounting Office (GAO)

GAO works for Congress by evaluating federal programs and advising Congress and the heads of executive agencies about ways to make federal programs more effective and responsive. GAO's guidance and reports to Congress can be found on the GAO Website.

Selected Relevant GAO Guides:

Management Planning Guide for Information Systems Security Auditing, A Joint Initiative of the National State Auditors Association and GAO, December 10, 2001 (No GAO number was assigned to this guide; you can find it on the GAO website under Special Publications, topic Government Policy and Guidance)

GAO-01-376G, Executive Guide: Maximizing the Success of Chief Information Officers: Learning from Leading Organizations, February 2001

GAO/AIMD-00-33, Information Security Risk Assessment: Practices of Leading Organizations, November 1999

GAO/AIMD-99-32, Executive Guide: Leading Practices in Capital Decision-making, December 1998

GAO/AIMD-98-68, Executive Guide: Information Security Management: Learning from Leading Organizations, May 1998

GAO/AIMD-98-89, Executive Guide: Measuring Performance and Demonstrating Results of Information Technology Investments, March 1998

GAO/AIMD-10.1.13, Information Technology Investment Evaluation Guide. Assessing Risks and Returns: A Guide for Evaluating Federal Agencies' IT Investment Decision-making, February 1997

GAO/GGD-96-118, Executive Guide: Effectively Implementing the Government Performance and Results Act, June 1, 1996

AIMD-94-115, Executive Guide: Improving Mission Performance Through Strategic Information Management and Technology, May 1994

GAO/IMTEC-8.1.4, Information Technology: An Audit Guide for Assessing Acquisition Risk, December 1992

AIMD-10.1.23, Information Technology Investment Management: A Framework for Assessing and Improving Process Maturity (Exposure Draft)

AIMD-00-155, Information Technology Investment Management: An Overview of GAO's Assessment Framework (Exposure Draft)

Selected Relevant GAO Reports:

Information Technology

GAO-02-6, Enterprise Architecture Use Across the Federal Government Can Be Improved, February 19, 2002

GAO-02-214, Leading Commercial Practices for Outsourcing of Services, November 30, 2001

AIMD-00-270, Selected Agencies' Use of Commercial Off-the-Shelf Software for Human Resources Functions, July 31, 2000

AIMD-99-228R, Comments on Proposed OMB Guidance for Implementing the Government Paperwork Elimination Act, July 2, 1999

T-AIMD-97-38, Best Practices Can Improve Performance and Produce Results, January 31, 1997

Information Resources Management

GAO-02-292, Comprehensive Strategic Plan Needed to Address Mounting Challenges, February 22, 2002

AIMD-00-183R, Revisions to OMB's Circular A-130, May 23, 2000

T-AIMD-00-128, Implementing Effective CIO Organizations, March 24, 2000

T-AIMD-98-22, Chief Information Officers: Ensuring Strong Leadership and an Effective Council, October 27, 1997

Security

GAO-02-407, Additional Actions Needed to Fully Implement Reform Legislation, May 2, 2002

GAO-02-677T, Comments on the Proposed Federal Information Security Management Act of 2002, May 2, 2002

GAO-02-649R, Subcommittee Post-Hearing Questions Concerning the Additional Actions Needed to Implement Reform Legislation, April 16, 2002

GAO-02-231T, Improvements Needed to Reduce Risk to Critical Federal Operations and Assets, November 9, 2001

GAO-02-24, Information Sharing: Practices That Can Benefit Critical Infrastructure Protection, October 15, 2001

AIMD-00-295, Serious and Widespread Weaknesses Persist at Federal Agencies, September 6, 2000

AIMD-00-194R, Software Change Controls at the Department of Health and Human Services, June 30, 2000

T-AIMD-00-171, "ILOVEYOU" Computer Virus Emphasizes Critical Need for Agency and Governmentwide Improvements, May 10, 2000

T-AIMD-00-135, Actions Needed to Address Widespread Weaknesses, March 29, 2000

T-AIMD-00-107, Comments on Proposed Government Information Act of 1999, March 2, 2000

T-AIMD-99-302, The Proposed Computer Security Enhancement Act of 1999, September 30, 1999

T-AIMD-99-223, Recent Attacks on Federal Web Sites Underscore Need for Stronger Information Security Management, June 24, 1999

GAO/AIMD-98-92, Serious Weaknesses Place Critical Federal Operations and Assets at Risk, September 1998

GAO/HR-97-1, Resolving Serious Information Security Weaknesses, February 1997

Electronic Government

GAO-02-327, Challenges to Effective Adoption of the Extensible Markup Language, April 5, 2002

GAO-01-1100, Better Information Needed on Agencies' Implementation of the Government Paperwork Elimination Act, September 28, 2001

GAO-01-959T, Challenges Must Be Addressed With Effective Leadership and Management, July 11, 2001

AIMD-00-282, Government Paperwork Elimination Act Presents Challenges for Agencies, September 15, 2000

T-AIMD/GGD-00-179, Federal (E-Gov) Initiatives Are Evolving Rapidly But They Face Significant Challenges, May 22, 2000

Internet Privacy

GAO-01-424, Implementation of Federal Guidance for Agency Use of Cookies, April 27, 2001

GAO-1-147R, Federal Agency Use of Cookies, October 20, 2000

GAO-01-113T, Comparison of Federal Agency Practices with FTC's Fair Information Principles, October 11, 2000

AIMD-00-296R, Comparison of Federal Agency Practices with FTC's Fair Information Principles, September 11, 2000

GGD-00-191, Agencies' Efforts to Implement OMB's Privacy Policy, September 5, 2000

Information Management

GAO-02-493, Update on Implementation of the 1996 Electronic Freedom of Information Act Amendments, August 30, 2002

GAO-02-586, Challenges in Managing and Preserving Electronic Records, June 17, 2002

GAO-01-428, Electronic Dissemination of Government Publications, March 30, 2001

GAO-01-378, Progress in Implementing the 1996 Electronic Freedom of Information Act Amendments, March 16, 2001

DHHS     GSA     OMB     CIO Council

Home | Search | Index | Map | Comments | Disclaimers | Privacy

Page last updated: 11/05/2002