Enforcement, not flawlessness, key to security
Surviving a security audit requires good policies, procedures and practices — and auditors look unfavorably on federal agencies with policy and procedural deficiencies, a security compliance official said today at a conference in Washington, D.C.
Todd Fitzgerald, systems security officer for United Government Services, a claims processing company for Medicare and Medicaid Services, said federal officials cannot avoid information security deficiencies altogether, but they should strive to make auditors scour for deficiencies.
By Florence Olsen at FCW.
[ Read more ]