Seeking clarity on security
Members of the federal Chief Information Security Officers Forum have sent a memo to the Office of Management and Budget seeking clarification of OMB's security reporting policies.
The security officials said much is still open to interpretation in OMB's guidelines for helping agencies comply with the Federal Information Security Management Act of 2002. The confusion, they said, has given some agency officials an excuse to treat the new law as a burdensome reporting exercise, while others are trying hard to comply with the law's requirements.
Daniel Galik, chief of mission assurance at the Internal Revenue Service, belongs to the latter group. "FISMA is pretty clear on the major systems," he said. "It's all the other little cats and dogs, the minor systems," about which the rules are unclear, he said.
By Florence Olsen at FCW.
[ Read more ]