Originally published June 22 2005
Government agencies must now display strength of privacy programs in FISMA report
by Mike Adams, the Health Ranger, NaturalNews Editor
Government Computer News reports that agencies making their Federal Information Security Management Act report must now give a detailed account of the strength of their privacy programs.
For the first time, agencies will include a detailed report on the strength of their privacy programs in their annual Federal Information Security Management Act report.
Departments have until Oct. 7 to submist a FISMA report to the Office of Management and Budget.
Administration officials then will create a report to send to Congress by March 2006.
"The privacy program questions shall be completed by the senior agency official for privacy, in consultation with other agency privacy officials as appropriate," said Clay Johnson, OMB's deputy director for management, in a memo to agency executives.
Along with privacy, the FISMA report includes separate IT security evaluations by the agency's inspector general and the CIO.
Under the IT security section, agencies will find two new questions on the use of the National Institute of Standards and Technology's Special Publication 800-53, which lays out security controls for federal systems, and on whether the agency has developed security procedures for emerging technologies such as wireless, Internet Protocol Version 6, spyware and malware.
OMB also updated questions about NIST's Federal Information Processing Standards 199 for assessing security risks; the tools or techniques used to detect incidents and how many systems the agency is using the tools for; and the number of successful outside attacks in 2005, including the number reported to law enforcement and the number reported to the U.S. Computer Emergency Response Team.
Incidents may include denial of service attacks, unauthorized access, malicious code or improper usage.
"OMB uses the information to help evaluate agency-specific and governmentwide security performance, develop its annual security report to Congress, assist in improving and maintaining adequate agency security performance and inform development of the E-Government's scorecard under the President's Management Agenda," Johnson said.
All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing LLC takes sole responsibility for all content. Truth Publishing sells no hard products and earns no money from the recommendation of products. NaturalNews.com is presented for educational and commentary purposes only and should not be construed as professional advice from any licensed practitioner. Truth Publishing assumes no responsibility for the use or misuse of this material. For the full terms of usage of this material, visit www.NaturalNews.com/terms.shtml