CIO Council folds security panel

[InfoSec News <isn () c4i org>]

http://www.fcw.com/fcw/articles/2001/1112/web-cio-11-13-01.asp

By Diane Frank 
Nov. 13, 2001

The Office of Management and Budget and the federal CIO Council have
decided to disband the council's Security, Privacy and Critical
Infrastructure Committee to move beyond general issues to the
"nitty-gritty details," said Mark Forman, OMB's associate director for
information technology and e-government.

Such details include making sure agencies have adequate training
programs, the right people and the proper security architectures in
place to address governmentwide security vulnerabilities.

The CIO Council completed a total reorganization last month to better
focus on e-government issues and eliminated all but three committees.
Jim Flyzik, vice chairman of the council, said at the time that the
group had not decided what to do with the security committee. But last
week, Forman said security and privacy issues will be folded into the
council's other committees.

During the past two years, the committee completed a framework to
assess agencies' security status and assembled a best practices guide
for security practices. A review of governmentwide security shows that
having a chief information officer or deputy CIO as a member of the
committee has not raised the security level at agencies, Forman said.

Security now will be part of each CIO Council committee's priorities.
The council has developed a five-page list of things the committees
need to work on in the security area and ideas on how to handle them,
Forman said.

* The workforce committee will look at the issue of security skills
  and awareness.

* The best practices committee will include studies of security best
  practices.

* The architecture committee will work on security standards.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.