Discussion on the need for security focuses on trends in computing, information as a corporate asset, business impact and loss assessment, and trends in computer abuse and data privacy. Technical aspects of computer systems security covered include risks and safeguards, physical security, hardware protection, software and data security, terminal and communications security, contingency planning, and computer insurance. Topics reviewed under security management include security as a corporate function requiring a corporate policy, the structure of security management, the methodology of security and management controls, personnel practices and procedures, and the role of the security coordinator and the security budget. Chapters on the security review cover external and internal audits, as well as the preevent and postevent reviews. Also highlighted are current weaknesses and requirements in computer systems security, new risks and developments, future requirements in legislation and law enforcement, and privacy and transborder data flow. The 16 papers portray the experiences and views of experts in the computer systems security field on these same topics. An annotated bibliography of 255 citations, case histories, analyses of threats and countermeasures, and an index conclude the volume. For separate papers, see NCJ 88618-33.