Computer Security Act of 1987

The Computer Security Act of 1987, Public Law No. 100-235 (H.R. 145), (Jan. 8, 1988), was a United States federal law enacted in 1987. It was intended to improve the security and privacy of sensitive information in federal computer systems and to establish minimally acceptable security practices for such systems. It required the creation of computer security plans, and appropriate training of system users or owners where the systems would display, process or store sensitive information.

Computer Security Act of 1987
Long titleAn Act to provide for a computer standards program within the National Bureau of Standards, to provide for Government-wide computer security, and to provide for the training in security matters of persons who are involved in the management, operation, and use of Federal computer systems, and for other purposes.
Acronyms (colloquial)CSA
Enacted bythe 100th United States Congress
EffectiveJanuary 8, 1988
Citations
Public law100-235
Statutes at Large101 Stat. 1724
Codification
Titles amended15 U.S.C.: Commerce and Trade
U.S.C. sections amended
Legislative history
  • Introduced in the House as H.R. 145 by Dan Glickman (D-KS) on January 6, 1987
  • Committee consideration by House Government Operations, House Science, Space and Technology
  • Passed the House on June 22, 1987 (passed voice vote)
  • Passed the Senate on December 21, 1987 (passed voice vote)
  • Signed into law by President Ronald Reagan on January 8, 1988
Major amendments
Repealed by the Federal Information Security Management Act of 2002

History

It was repealed by the Federal Information Security Management Act of 2002 SEC. 305. (a)

Provisions

  • Assigned the National Institute of Standards and Technology (NIST, At the time named National Bureau of Standards) to develop standards of minimum acceptable practices with the help of the NSA
  • Required establishment of security policies for Federal computer systems that contain sensitive information.
  • Mandatory security awareness training for federal employees that use those systems.

References

  • "Information Security: The Computer Security Act of 1987--H.R. 145" (PDF). U.S. GAO ~ T-IMTEC-87-2. U.S. Government Accountability Office. February 25, 1987. OCLC 16999161.
  • "Computer Security: Status of Compliance With the Computer Security Act of 1987" (PDF). U.S. GAO ~ IMTEC-88-61BR. U.S. Government Accountability Office. September 22, 1988. OCLC 19256725.
  • "Computer Security: Compliance With Training Requirements of the Computer Security Act of 1987" (PDF). U.S. GAO ~ IMTEC-89-16BR. U.S. Government Accountability Office. February 22, 1989. OCLC 27992135.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.