Download eBook for Free

Full Document

FormatFile SizeNotes
PDF file 0.7 MB

Use Adobe Acrobat Reader version 7.0 or higher for the best experience.

Summary Only

FormatFile SizeNotes
PDF file 0.1 MB

Use Adobe Acrobat Reader version 7.0 or higher for the best experience.


Purchase Print Copy

 FormatList Price Price
Add to Cart Paperback90 pages $24.00 $19.20 20% Web Discount

The Bureau of Justice Statistics (BJS) in the Office of Justice Programs (OJP) of the U.S. Department of Justice (DOJ) conducted a pilot survey in 2001 — the Computer Security Survey (CSS) — to collect information about computer infrastructure and security measures from a sample of 500 businesses across a range of economic sectors. Based on the pilot-survey results, BJS, along with the U.S. Department of Homeland Security (DHS), decided to field a National Computer Security Survey (NCSS), a nationally representative sample of 36,000 businesses across 36 industry sectors. In 2004, RAND was selected to conduct the NCSS. The survey itself was fielded in 2006 with the data collected representing the experiences of companies in 2005. The survey collected data on the nature, extent, and consequences of computer-security incidents, monetary costs and other consequences of these incidents, incident details (such as types of offenders and reporting to authorities), and computer-security measures used by companies. The goal was to produce reliable national estimates of the incidence and prevalence of computer-security incidents against businesses and businesses' resulting losses from such incidents. This RAND report details the methodology used to develop and field the NCSS, as well as the sampling design and weighting methodology used.

Table of Contents

  • Chapter One


  • Chapter Two

    Frame Definition

  • Chapter Three

    Sampling Strategy

  • Chapter Four

    Survey Methods and Fielding

  • Chapter Five

    Weighting Methodology and Nonresponse Analysis

  • Appendix A

    Range and Edit Checks and Other Data Cleaning Procedures

  • Appendix B


This report was prepared for the Bureau of Justice Statistics and conducted under the auspices of the Safety and Justice Program within RAND Infrastructure, Safety, and Environment (ISE).

This report is part of the RAND Corporation technical report series. RAND technical reports may include research findings on a specific topic that is limited in scope or intended for a narrow audience; present discussions of the methodology employed in research; provide literature reviews, survey instruments, modeling exercises, guidelines for practitioners and research professionals, and supporting documentation; or deliver preliminary findings. All RAND reports undergo rigorous peer review to ensure that they meet high standards for research quality and objectivity.

Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.