Security steers DOT plans

Transportation Department information technology investments should include

risk criteria that specify how a security plan factors into an investment's

cost and management, according to a version of the agency's Capital Programming

Manual under review by DOT's operating units.

The manual states that IT investment criteria should include:

* IT architecture and infrastructure.

* Security, as it links to IT architecture.

* A security plan that includes consideration of life-cycle costs.

* An assessment of how security risks will be managed.

* An approach for protecting privacy and confidentiality.

* Strategic and technological issues, including a strong preference

for commercial alternatives.

The capital plan will be finalized for the first budget cycle for fiscal

2002, which begins this summer, said George Molaski, DOT's chief information

officer.

Featured

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Comment
    cloud (Phaigraphic/Shutterstock.com)

    A call for visionary investment

    Investing in IT modernization is not an either-or proposition, Rep. Connolly writes. This pandemic has presented Congress a choice: We can put our head in the sand and pretend these failures didn't happen, or we can take action to be prepared for the future.

Stay Connected