Which of the following acts promote a risk-based policy for cost effective security? Each correct answer represents a part of the solution. Choose all that apply.

A.
Lanham Act

B.
Computer Misuse Act

C.
Paperwork Reduction Act (PRA)

D.
Clinger-Cohen Act

Explanation:

The Paperwork Reduction Act (PRA) and the Clinger-Cohen Act promote a risk-based policy for cost effective security.

Answer option A is incorrect. The Lanham Act is a piece of legislation that contains the federal statutes of trademark law in the United States.
The Act prohibits a number of activities, including trademark infringement, trademark dilution, and false advertising. It is also called Lanham Trademark Act.

Answer option B is incorrect. The Computer Misuse Act 1990 is an Act of the UK Parliament, which states the following statements:

Unauthorized access to the computer material is punishable by 6 months imprisonment or a fine "not exceeding level 5 on the standard scale" (currently 5000).
Unauthorized access with the intent to commit or facilitate commission of further offences is punishable by 6 months/maximum fine on summary conviction or 5 years/fine on indictment. Unauthorized modification of computer material is subject to the same sentences as section 2 offences.

What is the Clinger-Cohen Act? Hide

The Clinger-Cohen Act (CCA), formerly the Information Technology Management Reform Act of 1996 (ITMRA), is a 1996
United States federal law, designed to improve the way the federal government acquires, uses, and disposes information technology.

The Clinger-Cohen Act supplements the information resources management policies by establishing a comprehensive approach for executive agencies to improve the acquisition and management of their information resources in the following ways:

Focusing information resource planning to support their strategic missions Implementing a capital planning and investment control process that links to budget formulation and execution
Rethinking and restructuring the way they do their work before investing in information systems What is the Paperwork Reduction Act? Hide
The Paperwork Reduction Act (PRA) of 1980 as amended by the Paperwork Reduction Act of 1995 is a United States federal law enacted in 1980 that gave authority over the collection of certain information to the Office of Management and Budget (OMB). Within the OMB, the Office of Information and Regulatory Affairs (OIRA) was established with specific authority to regulate matters regarding federal information and to establish information policies. These information policies were intended to reduce the total amount of paperwork handled by the United States government and the general public.

The PRA mandates that all federal government agencies must obtain a Control Number from OMB before promulgating a form that will impose an information collection burden on the general public. Once obtained, approval must be renewed every three years. In order to obtain or renew such approval, an agency must fill out OMB Form 83-I, attach the proposed form, and file it with OIRA. On Form 83-I, the agency must explain the reason why the form is needed and estimate the burden in terms of time and money that the form will impose upon the persons required to fill it out.