As of April 21, 1982, OMB Circular A-71, Transmittal Memorandum No. 1, is not sufficiently comprehensive to provide needed policy and guidance to executive agencies for establishing a reasonable level of protection over their automated information systems. Moreover, the central agencies have not been effective in fulfilling their automated information security program responsibilities, and executive agencies are doing little to implement information security program policy and guidance. Further, executive agencies have not developed and maintained a total system of controls to eliminate the fraudulent, wasteful, abusive, and illegal practices to which their automated information system have been and are being subjected. OMB Circular A-71, Transmittal Memorandum No. 1, should be revised to (1) identify the minimum control necessary for ensuring a reasonable level of protection for sensitive information, (2) clarify the interrelationship between this memorandum and policy and guidance on safeguarding information classified for national security, (3) clarify when the same level of protection must be accorded sensitive information as is given national security information, and (4) establish policy and guidance for achieving protection of those systems (using telecommunication networks). Also, executive agencies should submit to OMB for approval new plans for establishing and maintaining protection of their automated information systems. Also, procedures for implementing security plans must be developed. Overall, central agencies must cooperate in coordinating policies, principles, standards, and guidelines for information protection. A detailed description of the evaluation methodology used for this report is appended. (Author summary modified)