Group offers guide for secure e-gov

Government and industry have teamed to show how agencies have handled security on some of the most common electronic government initiatives, offering their experiences as examples for others.

"Securing Electronic Government," a resource guide prepared by the CIO Council's Security, Privacy and Critical Infrastructure Protection Committee, is the joint effort of many organizations. Last May, the CIO Council, the Chief Financial Officers Council and the Information Technology Association of America came together to share experiences and discuss the security challenges agencies face in the e-government arena.

The group wound up focusing on three areas

Web-based information services. Electronic procurement. Financial transactions. The group discussed the common issues under each area and then found examples of an agency or a company that had gone through the process of assessing risk and defining solutions.

The guide defines five security goals, under which each agency program can have a different level of risk: availability, authentication and identification, confidentiality, integrity and non-repudiation.

The importance of security goals varies in each area. For example, under Web-based information services, ensuring data availability and integrity are of primary importance. But depending on the information or service offered, confidentiality, identification and non-repudiation can also be factors, said David Nelson, deputy CIO at NASA.

All examples in the guide are from the federal sphere, but the discussions include an examination of instances when commercial products and services are viable options for security solutions.

The guide is intended to provide a starting point for agencies to work from and for auditors to use as examples to measure against.

The CIO Council will look for feedback from agencies on how to improve or expand upon the guide, said John Gilligan, co-chairman of the CIO Council Security committee.

The CFO Council also will solicit comments, said Sky Lesher, deputy CFO at the Interior Department and chairman of the financial systems committee on the council. And because most of the 24 agency CFOs are political appointees, the guide also will be a useful reference for the officers with the Bush administration, Lesher said.


  • Veterans Affairs
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA health record go-live pushed back to July

    The Department of Veterans Affairs is delaying a planned initial deployment of its $16 billion electronic health record project by four months, but is promising added functionality at the go-live date.

  • Workforce
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    Esper says he didn't seek the authority to gut DOD unions

    Defense Secretary Mark Esper told lawmakers he was waiting for a staff analysis of a recent presidential memo before deciding whether to leverage new authority.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.