Security steers DOT plans
- By Paula Shaki Trimble
- Mar 19, 2000
Transportation Department information technology investments should include
risk criteria that specify how a security plan factors into an investment's
cost and management, according to a version of the agency's Capital Programming
Manual under review by DOT's operating units.
The manual states that IT investment criteria should include:
* IT architecture and infrastructure.
* Security, as it links to IT architecture.
* A security plan that includes consideration of life-cycle costs.
* An assessment of how security risks will be managed.
* An approach for protecting privacy and confidentiality.
* Strategic and technological issues, including a strong preference
for commercial alternatives.
The capital plan will be finalized for the first budget cycle for fiscal
2002, which begins this summer, said George Molaski, DOT's chief information