Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audit and Evaluation of Computer Security II: System Vulnerabilities and Controls



Zella G. Ruthberg


The National Bureau of Standards, with the support of the U.S. General Accounting Office, sponsored a second invitational workshop on computer security audit, entitled "Audit and Evaluation of Computer Security II: System Vulnerabilities and Controls," In Miami Beach, Florida, on November 28-30, 1978. A cross-section of highly qualified people In the computer science and EDP audit fields was assembled to develop material that would be directly usable for a Federal Information Processing Standard (FTPS) Guideline on the subject. Tn order to cover the material in a systematic fashion, the workshop was partitioned into three management sessions and five technical sessions. The management sessions addressed Managerial and Organizational Vulnerabilities and Controls at the Staff Level (1 session) and the Line Level (2 sessions). The technical sessions addressed vulnerabilities and controls in the areas of Terminal and Remote Peripherals, Communication Components, Operating Systems, Applications and Non- Integrated Data Files, and Data Base/ Data Base Management Systems. These Proceedings are the reports developed by the eight sessions of the workshop.
Special Publication (NIST SP) - 500-57
Report Number


applications controls, computer vulnerabilities, data base controls, data base management systems controls, EDP audit, internal audit, operating system controls, system controls, system vulnerabilities, terminal controls


Ruthberg, Z. (1980), Audit and Evaluation of Computer Security II: System Vulnerabilities and Controls, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed April 19, 2024)
Created April 1, 1980, Updated November 10, 2018