Computer Security Act of 1987

The Computer Security Act of 1987, as amended, provides for improving the security and privacy of sensitive information in federal computer systems.

The Act requires federal agencies to identify their computer systems that contain sensitive information, establish training programs to increase security awareness and knowledge of security practices, and establish a plan for the security and privacy of each computer system with sensitive information. The Act also requires the National Institute of Standards and Technology (NIST) to develop standards and guidelines for the security and privacy of sensitive information in federal computer systems.