The IT Law Wiki
Register
Advertisement

Citation[]

Office of Management and Budget, Security of Federal Automated Information Resources (OMB Memorandum M-99-20) (June 23, 1999) (full-text).

Overview[]

The purpose of this memorandum was to remind agencies that, consistent with the principles embodied in OMB Circular No. A-130, Appendix III, "Security of Federal Automated Information Resources," they must continually assess the risk to their computer systems and maintain adequate security commensurate with that risk. This process should include specific procedures to ensure the timely implementation of security patches for known vulnerabilities, especially for those systems that are accessible via the Internet. Installing such patches is a proven way of avoiding disruptions to systems.

Advertisement