Security Checklist

1. Show that system security is an integral part of the agency's IT architecture.

2. Report the costs of security and show how the security plan is part of the life-cycle of the system. Develop a security plan that includes the security rules for the system and the consequences of violating the rules and a way to identify, limit and control connections to other systems.

3. Identify security risks and how risks will be assessed and minimized. Demonstrate how security controls are commensurate with the risk.

4. Use appropriate security for systems that permit public access. Ensure personal information is consistent with relevant federal policies.

5. Account for departures from National Institute for Standards and Technology guidance.

Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected