The National Computer Security Survey (NCSS): Final Methodology

Front Cover
Rand Corporation, 2008 - Political Science - 75 pages
The Bureau of Justice Statistics (BJS) in the Office of Justice Programs (OJP) of the U.S. Department of Justice (DOJ) conducted a pilot survey in 2001 -- the Computer Security Survey (CSS) -- to collect information about computer infrastructure and security measures from a sample of 500 businesses across a range of economic sectors. Based on the pilot-survey results, BJS, along with the U.S. Department of Homeland Security (DHS), decided to field a National Computer Security Survey (NCSS), a nationally representative sample of 36,000 businesses across 36 industry sectors. In 2004, RAND was selected to conduct the NCSS. The survey itself was fielded in 2006 with the data collected representing the experiences of companies in 2005. The survey collected data on the nature, extent, and consequences of computer-security incidents, monetary costs and other consequences of these incidents, incident details (such as types of offenders and reporting to authorities), and computer-security measures used by companies. The goal was to produce reliable national estimates of the incidence and prevalence of computer-security incidents against businesses and businesses' resulting losses from such incidents. This RAND report details the methodology used to develop and field the NCSS, as well as the sampling design and weighting methodology used.

From inside the book

What people are saying - Write a review

We haven't found any reviews in the usual places.


Frame Definition
Multiple Fielding Waves

3 other sections not shown

Common terms and phrases

About the author (2008)

Lois M. Davis (Ph.D., Public Health, UCLA) is a health policy researcher at RAND, a former National Institute of Mental Health (NIMH) postdoctoral fellow, and a former Pew Health Policy Fellow.

Bibliographic information