Seeking clarity on security
Members of the federal Chief Information Security Officers Forum have sent a memo to the Office of Management and Budget seeking clarification of OMB's security reporting policies.
The security officials said much is still open to interpretation in OMB's guidelines for helping agencies comply with the Federal Information Security Management Act of 2002. The confusion, they said, has given some agency officials an excuse to treat the new law as a burdensome reporting exercise, while others are trying hard to comply with the law's requirements.
Daniel Galik, chief of mission assurance at the Internal Revenue Service, belongs to the latter group. "FISMA is pretty clear on the major systems," he said. "It's all the other little cats and dogs, the minor systems," about which the rules are unclear, he said.
By Florence Olsen at FCW.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.